Innovators Login Button
Skip Navigation LinksHome > Solutions > OEMs > VPN Solutions > BGP/MPLS VPNs

BGP/MPLS VPNs (RFC 2547 Bis)

BGP/MPLS VPNs, as defined in RFC 2547 and related drafts and standards, provide a Layer 3 VPN. With Layer 3 VPNs, each PE device acts like a set of virtual routers, one per VPN. The network provider configures the VPN membership of each PE router port. As a result, the port's view of the network is restricted to the VPNs of which it is a member, and it cannot address devices outside that environment. Either static routes are provisioned on both the CE and PE, or, for more complex scenarios, a routing protocol (such as RIP, OSPF or BGP) is run between CE and PE. So the interface between the CE and PE devices is conventional IP routing.

The network provider also establishes a suitable mesh of MPLS Label Switched Paths (LSPs) between all the PE routers that need to communicate. The PE devices qualify each external IP address that they learn with a per-VPN identifier, and broadcast them to all other PE routers using an extended form of BGP. They also include an MPLS label that is specific to the destination route (or, in some implementations, the destination port). Through this process, the PE devices build up a complete map of the VPNs and destination labels.

Layer 3 VPN PE device

The PE routers then use this information to route the packets across the backbone network to the correct destination within the relevant VPN.

  • When the packet arrives at the initial PE device, the PE device
    • uses the incoming port to identify the VPN and virtual router to use
    • looks up the destination IP address in the virtual router's forwarding table (VRF) to create a two-deep label stack (a BGP label and a transport label)
    • sends the packet to the next hop in the provider's network.

  • At intermediate LSRs, the transport label is swapped, but the BGP label is unchanged.

  • When the packet arrives at the destination PE device, it is forwarded, minus labels, out of the port identified by the BGP label.

Layer 3 VPN PE device labeling

DC-VPN Manager, DC-MPLS and DC-BGP fully support RFC 2547 VPNs, and can be supplied pre-integrated to provide a complete control plane solution. DC-MPLS can also be used to signal the underlying tunnels using DC-LDP or DC-RSVP.


Related links:


For more information about Metaswitch's MPLS products and expertise contact .