VPN Tunneling Using MPLS

MPLS label stacking, provided by MPLS for hierarchical networks, is the key to implementing VPN tunnels over MPLS networks.

• An outer transport label is used to establish bulk transport LSPs (tunnels) between the PE devices of a provider's network.
• An inner label is used to identify separate per-VPN flows, all of which can traverse the same transport tunnel.

The labels alone keep traffic for each VPN separate, without the need for encryption. However, encryption can be used if the application demands it. Moreover, as only one set of transport tunnels needs to be established between PE routers, these VPN solutions are all highly scalable.

A common set of transport tunnels can be used for all these services, and the provider is free to choose how they are set up. LDP is convenient for best-efforts services. Alternatively, RSVP-TE can be used to provide QoS and Backup tunnels.

DC-MPLS can be used to signal these tunnels using DC-LDP and DC-RSVP. DC-RSVP also supports the Traffic Engineering (TE) and optical extensions (GMPLS) for signaling tunnels with guaranteed QoS and across fully optical networks.

Related links:

• DC-RSVP
• VPWS
• BGP/MPLS VPNs (RFC 2547 bis)
• DC-LDP
• VPLS
• DC-MPLS

For more information about Metaswitch's MPLS products and expertise contact .