Book source: "SRv6 Network Programming: Opening a New Era of IP Networks"
This book has been out for many years, but I read it again many years later because of work needs. In addition to reviewing, I found that I have learned more knowledge. Organize the reading notes while studying, and share them with everyone. If the copyright is violated, it will be deleted. Thank you for your support!
Attach a summary post: SRv6 Network Programming Self-study Series | Summary_COCOgsta's Blog-CSDN Blog
On an SRv6 network, a VPN instance can be identified by an SRv6 SID, and the details will be introduced later.
5.1.1 Basic model of VPN
Figure 5-1 shows the basic model of VPN.
Figure 5-1 Basic model of VPN
VPN consists of the following three parts.
- CE: CE is the edge device of the user network, and does not need to support VPN bearer protocols, such as MPLS or SRv6.
- PE: PE is the edge device of the service provider network.
- P (Provider): P is the backbone device in the service provider network and only needs to have basic network forwarding capabilities (MPLS forwarding or IPv6 forwarding capabilities).
5.1.2 VPN service types
According to the service type and network characteristics carried by VPN, VPN can be divided into two types: L3VPN and L2VPN.
After the network becomes IP, the deployment of VPN is mostly L3VPN. Traditional 2G TDM interfaces can only be carried by L2VPN. In addition, in the enterprise network or data center, if there are many low-speed interfaces or switches, L2VPN can also be deployed.
- L3VPN
In MPLS L3VPN, isolation between different VPNs is implemented through VPN instances and identified by VPN labels assigned by MPLS. PE establishes and maintains a dedicated VPN instance for each directly connected site.
Each VPN instance on the PE has a relatively independent routing table and LFIB.
L3VPN uses BGP to spread private network routing information of VPN sites on the carrier's backbone network, and uses MPLS or SRv6 to carry VPN service traffic, realizing the isolation of carrier networks and user networks.
- L2VPN and EVPN
A VPN carrying Layer 2 services is called an L2VPN. Traditional L2VPN mainly includes VPLS and VPWS.
- VPLS is a multipoint-to-multipoint L2VPN service that supports geographically isolated user sites to be connected through an intermediate network to form a local area network.
- VPWS is a point-to-point L2VPN service, which is an emulation of traditional leased line services.
However, as the scale of the network becomes larger and the business requirements increase, the traditional L2VPN technology encounters a bottleneck.
To solve these problems of L2VPN, the industry proposes the EVPN technology.
EVPN combines the advantages of BGP VPLS and BGP L3VPN, and uses extended BGP to advertise MAC reachability information to separate the control plane and forwarding plane of L2VPN services.
With its advantages of flexible deployment, efficient use of bandwidth, co-deployment of layer 2 and layer 3 services, and fast convergence, EVPN is widely used in multiple scenarios such as WAN (Wide Area Network, wide area network) and DC. Layer protocol trends.
EVPN uses MPLS as the forwarding plane at the beginning of its design. Because EVPN realizes the separation of the control plane and the forwarding plane, when the forwarding plane is switched from MPLS to SRv6, the key technologies and advantages of EVPN services can still be naturally inherited by SRv6 and amplified with the technical advantages of SRv6 itself, such as more Powerful cloud-network collaboration capabilities, higher reliability, etc.