Introduction to MPLS


(Rene Molenaar) #1

This topic is to discuss the following lesson:


(Emir H) #2

I am a bit confused when you say “BGP free core”. If we are using iBGP between the PE routers then how can it still be a BGP free core? Or does this simply mean there is no BGP process running on the ‘P’ router?


(Rene Molenaar) #3

Hi Emir,

That’s right, the P routers form the “core” of the ISP network. Only the PE (provider edge) routers will require iBGP.

Rene


(Emir H) #4

Great, thanks.


(Edwin P) #5

Good mpls intro,thanks Rene! , i will lab this one for sure :slight_smile:


(Rene Molenaar) #6

Trying this yourself is a good idea :slight_smile: Tomorrow I’ll work on the MPLS LDP tutorial, that will explain where the labels come etc.


(Mauro P) #7

Hello Rene,

Thanks for the beginning of the MPLS Saga. I will enjoy this ride for sure.


(Anthony M) #8

Very good for an intro! I really enjoy your lessons.


(Rene Molenaar) #9

Thanks Anthony!


(Hamood R) #10

Rene,

Great lesson however, I have a question under MPLS configuration I assume we need to advertise all the networks using IGP (OSPF/EIGRP) and then we configure IBGP between the PE routers. CE peers with PE through BGP.
Why do we need iBGP if we have already configured IGP between PE routers?

Please clarify.
Thanks
Hamood


(Rene Molenaar) #11

Hi Hamood,

IBGP is used between PE routers to exchange VPNv4 routes. It’s all explained in the next MPLS lessons that you can find in the link below :slight_smile:

Rene


(Jose L R) #12

Great Tutorial Rene!!!


(shaun y) #13

hi rene is this all the information i’m going to need for the ccnp route exam or do I need to know anything else also I’ve heard people talking about mpls vpn’s is this something that I need to know about or is this a ccie topic I don’t mind if the vpn part is a ccie thing I want to learn that as well but I really need to make sure that I understand backwards and forward everything for the ccnp level so that I can talk about this at an interview if I need to keep up the great work you are gold mine of information keep it flowing


(Rene Molenaar) #14

Hi Shaun,

For CCNP ROUTE this will be enough. They expect you to have an “idea” what MPLS is about but you don’t have to configure anything. If you want to learn what MPLS VPN is about, just follow all the lessons in this overview:

It will explain all the MPLS VPN scenarios.

Rene


(Nyein C) #15

Hi Rene,

Please some posts for L2VPLS on IOS-XR and XE.

Regards,


(John S) #16

Hi Rene,

Thank you for the great lesson. I am only confused about what are the benefits of using MPLS over GRE tunnel?

 

Thanks

John


(Rene Molenaar) #17

Hi John,

It has many advantages, this will become more clear once you have seen some of the other MPLS PE-CE lessons.

One issue with GRE tunneling is that it’s not a scalable solution. You have to create static tunnels between each pair of PE routers that we use…not a good idea.

Rene


(John S) #18

Thank you Rene!!! well explained!!

-John

 


(Praveen Kumar K) #19

Hi Rene,

what ever we do with the MPLS VPNs and IPSEC VPNs and SSL VPNs is it same.

little confused though I did not understand the security VPNs clearely. need to go through again


(Rene Molenaar) #20

Hi Praveen,

These are different topics with different solutions. First of all, keep in mind that VPN is often used to talk about encryption / authentication / security but this is not always the case. Even a VLAN could be considered a VPN, it’s “virtual” and a “private network”.

Let me give you a quick overview in a nutshell:

  • MPLS VPN: we use this for connectivity. service providers offer MPLS for remote connectivity. For details, check the MPLS material. The "VPN" part of MPLS is that we use VRFs to separate customer routing information and we create unique VPN routes.
  • IPsec VPN: There is no security at all on the network layer, IPsec is a framework that takes care of this.
  • SSL VPN: This is a VPN on the application layer, it's typically used with web browsers so that you don't need any client software on your computer. Take a look at this example that I created with the ASA firewall.

Rene