MPLS - Disabling IPv4 address family in BGP for VPNv4

MPLS - L3VPN BGP EIGRP redistribution

MPLS - L3VPN BGP OSPF Redistribution

MPLS - Using the BGP Allow-AS in feature

MPLS - VPN label

MPLS - VPNv4 Labels are assigned per route

OSPF - MPLS SuperBackbone

OSPF requirements for forming adjacency

OSPF sham-link

VRF - VPNv4 address


What does the term "[VPN](/vpn)" mean in the context of [MPLS](/mpls)?

A VPN is a technology that creates a secure and encrypted connection over a less secure network, such as the Internet. It’s like a protected tunnel through which your traffic can pass undisturbed, away from the prying eyes of hackers, your [ISP](/internet-service-provider-isp), the government, and even the websites you visit. VPNs can be deployed in various forms, such as site-to-site, host-based, or even via a subscription-based VPN provider, which creates a VPN between your device and its servers, which then act as a proxy for your communications.

In the context of MPLS, a VPN can be thought of as a ‘[pseudo-wire](/pseudowire)’ that exists in an MPLS network. This pseudo-wire is able to transport payload traffic of various types and segments, each isolated from each other. This is where the understanding of a VPN as a network/connection running over a tunnel comes in.

The `mpls ip` command on MPLS routers ([label switch routers (LSRs)](/mpls-label-switch-router) and [label edge routers (LERs)](/mpls-label-edge-router)) simply enables MPLS on the interface, but does not make it a VPN. The VPN comes into play when we start using [VRF](/vrf) and [RDs](/mpls-route-distinguisher) and [RTs](/mpls-route-target). These are used to segregate customer traffic, making each customer’s traffic private from others - hence the term VPN.

In a normal MPLS network without VRFs, RDs/RTs, all customer traffic would be in the same routing instance, which would not provide the necessary separation and isolation for it to be considered a VPN.

However, VPNs in the context of MPLS have a couple of specialized traits:

* First, a VPN in the context of MPLS does not apply any form of security, which is traditionally associated with VPNs. If you want to ensure an encrypted MPLS L3 VPN implementation, you can use an option such as [FlexVPN](/flexvpn) or [IPSec](/ipsec) with MPLS, among other options.
* The second is that MPLS L3 VPNs use what are known as VPNv4 and VPNv6 routes. In the context of [BGP](/bgp) and MPLS these terms refer to the BGP [address family](/routing-address-family) used to carry [IPv4](/ipv4) and [IPv6](/ipv6) prefixes over MPLS-based VPNs. So the term VPN in this context is a well-defined terminology for MPLS and means something very specific.

Links:

https://forum.networklessons.com/t/mpls-layer-3-vpn-configuration/1288/166?u=lagapides

https://networklessons.com/mpls/mpls-layer-3-vpn-configuration/



MPLS - Virtual Private Network (VPN)

Interface - unknown protocol drops

Interface speed and bandwidth

Interior Gateway Protocol (IGP)

Internet Exchange Point (IXP)

Internet Service Provider (ISP)

Intrusion prevention system (IPS)

Kron task scheduler

L2TPv3 over IPSec

L2TPv3

LACP

LAG - Multi-Chassis LAG

LFA - Topology Independent LFA

LFA, remote LFA, and how they work together in OSPF

LISP - map request and reply process

LISP - what is it

LISP and overlapping address spaces

LISP debug traffic between two EIDs

LISP host mobility use cases

LISP where EID-to-RLOC mappings originate

LISP

Logging buffered command

Loop-Free Alternate (LFA) Fast Reroute (FRR)

Loop-Free Alternate (LFA) and remote LFA

Loops in layers 2 and 3

MAC Access List EtherType

MAC Access List

MAC address flapping

MAC address of all zeros

MAC address table - multiple entries of the same MAC address

MAC address table - show command on Nexus device

MAC address table populated using source address field

MAC address table static multicast entry

MAC address table

MAC address

MPLS - BGP customer prefixes do not appear in the LFIB

MPLS - Connecting IPv6 sites over an IPv4 backbone

MPLS - Ethernet over MPLS (EoMPLS)

MPLS - LDP source interface

MPLS - Layer 2 VPNs

MPLS - Multi-VRF CE

MPLS - Segment Routing over MPLS

MPLS - Transport Profile

MPLS - label distribution using MP-BGP

MPLS - label

MPLS - multiarea OSPF in the core

MPLS - network redundancy

MPLS - what is fate sharing

MPLS - what is seamless MPLS

MPLS 6PE uses two labels in the data plane

MPLS Bytes Label Switched in the LFIB

MPLS Customer Edge Router

MPLS L3VPN Inter-AS Options

MPLS LDP Label Filtering

MPLS LDP Session Protection

MPLS LDP Targeted Hellos

MPLS LSR ID

MPLS Label Distribution Protocol

MPLS Label Distribution and Swapping

MPLS Label Edge Router

MPLS Label Switch Router

MPLS Layer 3 VPN communication between CE and PE routers

MPLS Layer 3 VPN communication between CE routers

MPLS Local Label Allocation Filtering

MPLS Penultimate hop popping

MPLS Route Distinguisher

MPLS Route Target

MPLS TE - Affinity attribute flag assignment best practices

MPLS TE - TE Tunnels

MPLS TE setup and hold priority

MPLS Troubleshooting

MPLS VPN extranet route leaking unique addressing

MPLS VRF names locally significant

MPLS addresses bound to peer LDP Ident output

MPLS advertising multiple customer subnets

MPLS entropy label

MPLS explicit NULL

MPLS implicit NULL

MPLS mandatory use of CEF

MPLS traffic engineering

MPLS-TE - why are IGPs necessary

MPLS

MPP vs ACLs

MQTT return codes

MST - Root port selection for switches outside MST topology

MST configuration revision number

MTU - Adjusting MTU to accommodate additional headers

MTU - Interface MTU configuration considerations

MTU - MSS and Jumbo Frames

MTU - Path MTU Discovery (PMTUD)

MTU - default interface MTU

MTU adjusting the MSS for TCP

MTU ip mtu allowed values

MPLS - Virtual Private Network (VPN)

Links to this page: