A detailed topology of advanced Mpls/vpn

1. Interconnection between different VRF: (Integration of intranet and external network)

The topic finally found a positive solution in the book.

There's always a question around me and some friends, if two vrf (companies) have access to each other business needs ISP to open. So if two VRF intranet segment IP address segment is duplicate, this time have what solution.

In the <mpls VPN Architecture > 12th Chapter P206 below there is a note:

For this link, the IP address space in the two different VPN clients should be unique, and if the address is duplicated, this connectivity will be compromised because the site will be subject to the same set of routes from different places.

That is to say, it doesn't make sense.

The following is an explanation of which condition connectivity is to be corrupted:

In this topology, the two companies, Eurobank and Fastfoods, actually have no problem with connectivity.

The Fastfoods RT import of London's Eurobank RT export 1234:17,london is 1234:17,hamburg Fastfoods's RT import contains 1234:17, Hamburg's Eurobank RT contains 1234:17, so London's Eurobank route can reach three other branches.

However, the careful person will find that the branch IP intranet network segment of different companies have repeatability, in the actual operation, this is not able to get through.

Because the local direct link routing is simply impossible to be sent out by the CE router. We all know that CE to PE walk is a pure route forwarding, such as the Eurobank of London, local 195.12.2.0. Then think of the 195.12.2.0 of London's fastfoods. In the local CE Eurobank, See their own-C Direct link routing table has this route, directly and back to, there will be two possible: one, originally from the Eurobank of London think of the Fastfoods 195.12.2.0 route, local directly to the intranet, the intranet just have this IP, the result turned wrong destination. Maybe two, local does not have this route, then the CE router sends ARP to search, (or is Challo by the table), cannot find the words, discard.

For this link, the IP address space in the two different VPN clients should be unique, and if the address is duplicated, this connectivity will be compromised because the site will be subject to the same set of routes from different places.

Let's look at a network that can access each other.