MPLS VPN using IPv4 and IPv6 protocol
Ankur Dumka1, Hardwari Lal Mandoria2,Kanchan Dumka3 andAbhineet Anand4 1University of Petroleum and Energy Studies, Dehradun, India,
2University of Petroleum and Energy Studies, Dehradun, India,aanand@upes.ac.in
3 Uttarakhand Technical University, Dehradun , India
4 GovindBallabh Pant University,Pantnagar, India,
ABSTRACT
Service implementation is done for providing different rvices to the customer. Layer3 virtual private network implementation using IPv4 and IPv6 routing protocol is done and with this policy is implemented using MP-BGP as exterior gateway protocol. Layer 3 virtual private network in internet protocol version 6 is known as 6VPE technology, which is implemented using BGP and layer 3 VPN (VPRN for alcatel ) is implemented within a network shown. Service flow through this network through different ur demonstrating VPN rvice for specific ur is also shown in this paper.
Key words:. IPv6, VPN, MPLS, MP-BGP,IPv4
1. INTRODUCTION
Multiprotocol Label switching (MPLS) is an I ETF standard that merges layer 2 and layer 3 protocol that us label switching in the core network, thus reduces the workout of looking the routing table overhead. MPLS us short, length-fixed, locally significant labels in the packet header between layer 2 and layer 3 header and the packets are forwarded according to label rather than by routing protocol in the core of network. MPLS technology offer rvices including layer 3 Virtual Private Network (VPN) virtual Private Remote Network (VPRN), traffic engineering (TE), traffic protection and layer 2 VPN Virtual Path Lan rvice(VPLS).
nternet protocol version 6 (I Pv6) is an enhanced version of internet protocol version 4(IPv4) with IPv6 having 64 bit address whereas I Pv4 having 32 bit address. Currently, I Pv6 is deployed only in certain places like CNGI in china and e-japan in japan.There are many issues aris while interconnecting IPv4 & Pv6 networks, tunneling technologies are ud to connect parated IPv6 networks.
I mplementation of virtual private network (VPN)[1]
in Pv6 is known as 6VPE technology which is
extended version of Layer 3 virtual private network
technology. 6VPE can carry an I Pv6 or I Pv4 virtual
private network rvice . Like Pv4, 6VPE also
logically parates routing table entries for virtual
private network customer. For transferring to I Pv6
network next hop has to be IPv6 address even if the
provider network is an Pv4,the next hop of the
advertising 6VPE router will be an Pv4-mapped
I Pv6 address and this is done by prepending ::FFFF
to IPv4 next-hop.
6 VPE is a RFC 4364-like virtual private network
model for I Pv6 networks. I t is a method in which a
rvice provider may u its packet-switched
backbone to provide virtual private network rvices
for its I Pv6 customer. 6VPE supports multiple I Pv6感谢人生
virtual routing forwarding on provider edge(PE)
routers. multiprotocol-border gateway protocol(M-
BGP) is ud to distribute I Pv6 routes over rvice
provider backbone and thus deal with issue of
overlapping address, redistribution
policies and scalability issues. I Pv6 virtual private
network address prepended with route distinguisher. Route target extended community is
ud to distribution of routing information by tagging
exported routes and filtering imported routes.
Forwarding decision is taken by ingress provider
edge router in the data plane bad on content of
virtual routing forwarding(VRF) table. I Pv6 data
packets are encapsulated with a rvice & transport
label for transmission across core.
Layer 2 LSP label Layer 3
VPN
IPv6 data
Fig. 1 IPv6 VPN label stack
1051
978-9-3805-4416-8/15/$31.00c 2015IEEE
n Pv6 label, the outer label is known as top, transport or LSP label that identifies the transport tunnel between provider edge’s signaled via Label Distribution Protocol (LDP) Resource Rervation Protocol (RSVP)[2]. The inner label is known as the rvice, virtual circuits (VC), or virtual private network (VPN) label that identifies the customer virtual private network that is signaled via Multi protocol-border gateway protocol.
VPN operation of routing is divided into 2 component : 1.) Core routing 2.) Edge routing
Core routing involves Provider Edge(PE) router and Provider (P) routers and is performed by I Pv4 I nterior Gateway Protocols(I GPs) like OSPF etc. I t enables connectivity among the provider and provider edge routers[3].
Edge routing takes place in 2 directions. Routing between provider edge pairs achieved through multiprotocol-border gateway protocol using a specific address family(VPN-I Pv6) & routing between a provider edge and a customer edge. Routing between the customer edge and its provider edge is achieved using routing protocols that is VRF-aware like border gateway protocol or static routes.
The following routing tables are ud at incoming provider edge router: 1.) I Pv6 VRF – I t is a t of customer-specific I Pv6 routing table that contain customer routes. Each of the routing tables contains routes received from the Customer Edge (CE) routers, as well as routes from remote sites in the same virtual private network. 2.) A default routing table that is exclusively ud to reach routers inside the provider network. I t is an I Pv4 table if core is IPv4 ba el IPv6 otherwi. 3.) A BGP table that contains entries from all customer-specific I Pv6 routing tables.
Route distribution between sites occurs in following ways: 1.) The incoming customer edge router announces customer prefix to the incoming provider edge router. Although this entry belongs to the default routing table at the incoming customer edge router, it is installed in a virtual routing forwarding IPv6 table at the incoming provider edge router. The interface on which the are received determines the table into which they should be installed. 2.) Incoming provider edge router redistribute this entry into its multiprotocol border gateway routing protocol after prefixing it with the Route Distinguisher (RD) after taking reference from virtual routing forwarding table[4]. 3.) The entry will be announced to outgoing provider edge router at other end from border gateway protocol(BGP) table. 4.) Once installed in the outgoing provider edge BGP table, the entry is redistributed into one or more virtual routing forwarding tables after stripping of the route distinguisher. 5.) From the virtual
routing forwarding table, the entry is finally redistributed into customer site. Here route distinguisher is ud to distinguish entries in BGP, while BGP community (route targets) are ud to determine which entry from which virtual routing forwarding table is to be distributed in which virtual routing forwarding table on remote provider edge.
1.1 Functions of routers in 6VPE
ngress 6VPE router-data plane – As the ingress 6VPE router receives an IPv6 packet, it looks for the destination address in VRF table For the prefix learned through the remote 6VPE router, the ingress router does a lookup in the VPN-I Pv6 forwarding table. The VPN-I Pv6 route has an associated multi protocol label switching (MPLS) label to a MBGP next-hop and an associated L3 VPN rvice label. The ingress 6VPE router needs to push two MPLS labels in order to nd the packets to the egress 6VPE router, where the top label is an MPLS I Pv4 label ud to reach the egress 6VPE router and the bottom label is an MPLS label that is advertid in MBGP by remote 6VPE for IPv6 prefixes in the VRF.
Egress 6VPE router-data plane – As the core router label switch the packets to the correct egress 6VPE through the transport label, the egress 6VPE router receive label-stacked packets from the cor
e. The egress 6VPE routerpops the transport label, and pops the bottom I Pv6 L3VPN rvice label and identifies the target VRF and the address family. A further L3 lookup is performed in the target VRF and the IPV6 packet is nt towards the proper customer edge router in the IPv6 domain. The egress 6VPE forwards unlabeled packets to the customer.
105220152nd International Conference on Computing for Sustainable Global Development(INDIACom)
Figure 2: Architecture of IPv6 implementation Here in this architecture(fig, 2) we had installed 4 customer edge router(CE1, CE2 , CE3, CE4) which rves to the customer side. Whereas there are four provider edge routers (PE1, PE2, PE3, PE4) which form the backbone of the network for forwarding data from one customer edge router to another. Where customer edge router 1 and customer edge router 4 are in customer 1 VPN network while router 2 and router 4 are in customer 2 VPN network. Taking following parameters into consideration, we had configure the routers for communication.
Provisioning
parameters
Customer 1 Customer 2 Customer ID 110 120
VPRN ID 110 120
Router ID Provider
edge System
address Provider edge system address
Route
Distinguisher
64496:110 64496:120
Route target 64496:110 64496:120 Provisioning
Parameters
VPRN rvice
I D
customer 1
110
VPRN rvice
I D
customer 2
120
Provider Autonomous
System number
腋窝有痣64496
Customer 1 autonomous
system number
64497 & 64498
Customer 2 autonomous
system number
64499 & 64500
Parameter value
I pv6 system I P
address
2001:db8::y/128
Core 1 to edge 1
ipv6 subnet
2001:db8:11::/64
Core 2 to edge 2 ipv6 subnet 2001:db8:22::/64
Core 3 to edge 3
ipv6 subnet
2001:db8:33::/64
Core 4 to edge 4
ipv6 subnet
2001:db8:44::/64
Customer edge
loopback interface
2001:db8:x::/48
CE1 router Configuration
Configure router
Interface “customer 1”
Loopback
Ipv6
Address 2001:db8:1::1/48
Exit
Exit
Interface “customer 1”
Address
10.10.1.1/24
Loopback
Exit
Interface “system”
Address 10.10.10.9/32
Ipv6
Address 2001:db8::1/128
Exit
Exit
血色红颜Interface “to PE1”
Address 10.5.1.1/24
Port 1/1/2:110
Ipv6
Address 2001:db8:11::1/64
Exit
20152nd International Conference on Computing for Sustainable Global Development(INDIACom)1053
Exit
Autonomous system 64497
BGP Configuration
Configure router bgp
动能定理实验Group “to PE1”
Family IPv6
Peer-as 64496
Neighbor 10.5.1.2
Export “customer1”
Exit
Neighbor
2001:db8:11::2
Export “direct to bgp”
Exit
Exit
Policy configuration
policy-options
begin
policy-statement “direct-to-bgp” entry 10
from
protocol direct
exit
to
protocol bgp
exit
action accept
exit
exit exit
commit
exit
PE1router
Ipv6 configuration
Config router
Interface “system”
Address 10.10.10.5/32
Ipv6
Address 2001:db8::2/128
Exit
Exit
VPRN configuration Config rvice vprn Description “customer 1” Router-id 10.10.10.5 Autonomous system 64496 Route-distinguisher 64496:110 Auto-bind ldp
Vrf-target target:64496:110 Interface “PE1-to-CE1” create Description “customer 1” Address 10.5.1.2/24
Ipv6
Address 2001:db8:11::2/64 Exit
微笑阳光
Sap 1/1/2:110 create
Exit
105420152nd International Conference on Computing for Sustainable Global Development(INDIACom)
Exit
No shutdown
BGP configuration
Config rvice vprnbgp
Group “to CE1”
Family ipv6
Export “mpbgp-bgp”
桃花怎么画Neighbor 10.5.1.1
Pee-as 64497
Exit
小小的船课件Neighbor 2001:db8:11::1
Peer-as 64497
Exit
Exit
Config router bgp
Group “mp-bgp”
Family vpn-ipv4 vpn-ipv6
Peer-as 64496
Neighbor 10.10.10.6
Exit
Neighbor 10.10.10.7
Exit
Neighbor 10.10.10.8
Exit
Same configuration is done in other provider edge router (PE2, PE3 and PE4) and customer edge routers (CE2, CE3, CE4) with changes in their IPs as per the design, rest configuration will remain the same.
坚持做自己5. CONCLUSION The rvice implementation is done for the propod architecture of the model for communication among different customers using VPN in Pv4 and Pv6 protocol and communication established between the core customer routers through provider edge and provider routers. When we ping core routers
CE1 and CE4 through their I Ps using commands “pig 10.10.1.1” then ping shows failed but when we ping using customer1 VPN using command “ping vrf customer1 10.10.1.1” then it shows full connectivity as 100% packet transfer from customer router CE4 to customer routerCE1.Thus, communication using VPN among customer 1 urs, routers CE1 and CE4
is done using IPv4 and IPv6 protocols and they
can communicate using VPN id customer1 only.
REFERENCES
1.Lanjun and Lin bi ying, 2011 I nternational
Conference on Mechatronic Science, Electric
Engineering and Computer, “Rearch for
Service Deployment Bad on MPLS L3 VPN
Technology“,August 19-22, 2011, Jilin, China
page 1484-1488.
2.Rahul Aggarwal, Juniper Networks, OAM
Mechanisms in MPLS Layer 2 Transport
Networks, EEEcommunication magazine
october 2004 , page 124-130.
3.Yoo-Hwa Kang, and Jong-Hyup Lee, “The
mplementation of the Premium Services
for MPLS
I P VPNs”Advanced
Communication Technology, 2005, ICACT
2005. The 7th International Conference on
Volume: 2 Digital Object I dentifier:
10.1109/ICACT.2005.246152 ,Publication
Year: 2005 , Page(s): 1107 - 1110
4.R. Boutaba ,W. Szeto and Y.I raqi,”, Emerging
Trends in Engineering and Technology, 2008.
CETET '08. First I nternational Conference
on Digital Object
I dentifier:
10.1109/ICETET.2008.58 Publication
Year: 2008 , Page(s): 187 – 192
5..“/en/US/docs/internetworking/t
echnolog y/ MPLS/VPN/handbook“from Cisco
recognized site available.
20152nd International Conference on Computing for Sustainable Global Development(INDIACom)1055
