VPN technology-P, PE, CE

VPN technology-P, PE, CE what is P, PE, cempls vpn there are three types of routers, CE router, PE router and P router. The CE router is a client router that provides you with a connection to the PE router. The PE router is the operator's edge router, that is, the Label Edge Router (LER) in the MPLS network ), it processes the VPN data from the CE router or the label exchange path (LSP) based on the stored route information and forwards the data. It is also responsible for exchanging route information with other PE routers; the P router is the main router of the carrier network, that is, the label exchange router (LSR) in the MPLS network. It transparently forwards the VPN data according to the outer label of the group, the P router only maintains the route information to the PE router, rather than the VPN-related route information. This is a concept in the ip man. It is explained in the MPLS protocol that the P device is a supplier device (Provider), a core layer device, and a PE is a Provider Edge device, that is, an operator Edge device, it is generally BRAS, and CE is the concept P (Provider) in the mpls vpn of the user's edge device. It is a core layer device, a Provider router, and a service Provider is a backbone network router device that does not connect to any CE router, it is equivalent to a label exchange router (LSR ). PE (Provider Edge) is the Edge router of Provide, which is equivalent to the tag Edge router (LER ). The PE router connects CE routers and P routers, which are the most important network nodes. User traffic flows into the user network through the PE router or to the MPLS backbone network through the PE router. CE (Customer Edge), the user Edge device, and the client router connected by the service provider. The CE router connects one or more PE routers to provide service access for users. The CE router is usually an IP router, which establishes an adjacent relationship with the connected PE router. User site: a user site can connect to the backbone network of a service provider through one or more links. The existing China Telecom CN2 China Netcom's broadband bearer network adopts the mpls vpn technology. The working process of mpls vpn is established between the PE route connected to the same VPN through the label protocol stack. A tunnel, the label protocol stack uses two layers of labels. The labels between the PE routers are located at the underlying layer, while the labels between the PE routers, P routers, and two P routers are located at the upper layer of the protocol stack, the lower-layer protocol is transparent to the upper-layer protocol. When user data of a VPN enters the MPLS backbone network, the interface connecting the CE router and the PE router can identify that the CE router belongs to the VPN, then, read the next hop tag from the VRF corresponding to the VPN, and add the tag as an internal tag to the tag protocol stack. After the PE router continues to find its own global route table and obtains the next hop interface and label, add the label as an external label to the label protocol stack and send the packet with two-layer labels from the corresponding interface to the P router. In the MPLS backbone network, the P router forwards data packets based on the outer label until the egress PE router. At the egress PE router, the PE router removes the packet label and forwards it as a general IP packet to the CE router connected to it. Because each packet contains two labels, the last-to-last hop label of the MPLS domain must be used to exit the stack. According to my impression, P, PE, and CE are not only the concept of MPLS. They are available in Traditional VPN technologies. The specific meaning is explained by the two upstairs. Indeed, in the traditional VPDN, the PE can be a LAC or LNS. From the perspective of operator management, the mpls pe device is equivalent to the LAC device, but one difference is that the bearer technology implemented by the LAC and today's PE is very different. I have different opinions on this statement. I am afraid it is difficult for bras to be competent and it does not need to be a pe. First, most of the connected devices of bras are dslam, while most of the users of dslam are public customers. This part of users do not have vpn requirements. Second, as a way to improve management efficiency and reduce... I feel that bras can also become a pe. If the network infrastructure of a certain province and city is complete, of course, all the devices are responsible for their respective jobs. bras is dedicated to its bras, but if a city is very remote, in other words, it cannot be called a city, for example, some tobacco monopoly and cooperatives, but also need to be connected to vpn. It is impossible to pull a leased line for them, it may also be economically inefficient, so he will consider using dial-up bandwidth for access to the vpn network, does the bras play its pe role at this time? HW 5200g can be implemented. This situation does exist. In some remote areas, the business volume is relatively small. BRAS can be used as a PE. No problem ~~!!