L2 & L3 configuration steps

Choosing between an L2 and an L3 VPN, mainly on security and cost-effectiveness grounds, is a major decision for any organization’s IT management. Because management has to address either Layer 2 issues (addresses, multiplexing, bridges, the spanning tree algorithm) or Layer 3 issues (addresses, neighbor discovery, routing protocols), the implementation scenarios are as follows.

Layer 2

In a Layer 2 MPLS VPN, the client’s switch or router bridges traffic to the service provider’s switch or router in Layer 2 format. The client’s switch or router is normally termed the CE (customer edge), and the service provider’s switch or router the PE (provider edge). The CE joins with the PE to exchange routes.

In a Layer 2 MPLS-based VPN, traffic is carried by MPLS (Multiprotocol Label Switching) over the service provider’s network through VRF (virtual routing and forwarding) and then converted back to Layer 2 format at the receiving site.

L2 & L3 MPLS VPN

Selecting L2 MPLS is required for those customers who have concerns about security or infrastructure needs. They have to handle the network layer themselves, i.e. they need to configure their own switches or routers to carry all traffic.

L2 MPLS Configuration steps in Cisco (CE)

1. enable
2. configure terminal
3. interface type number
4. no ip address [ip-address mask] [secondary]
5. negotiation auto
6. service instance si-id ethernet
7. encapsulation dot1q vlan-id
8. bridge-domain bd-id
9. end

Layer 3

Layer 3 is concerned with the service provider’s routing devices; i.e. routing decisions occur at the service provider’s routers, and the PE is accountable for storing and processing the customer’s routes.

Because an L3 VPN relies on the provider’s routers to maintain an IP forwarding table for each VPN through a virtual routing and forwarding (VRF) table, it is less secure, and customers may face reduced speed.

Minimal routing entries must be configured at the CE site so that BGP or OSPF can communicate with the PE.

L2 MPLS Configuration steps in Cisco (PE)

1. enable
2. configure terminal
3. router bgp as-number
4. no bgp default ipv4-unicast
5. neighbor {ip-address | peer-group-name} remote-as as-number
6. neighbor {ip-address | peer-group-name} activate
7. address-family vpnv4 [unicast]
8. neighbor {ip-address | peer-group-name} send-community extended
9. neighbor {ip-address | peer-group-name} activate
10. end
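The following audit script is an added example, not part of the original article or of any Cisco tool. It checks a saved PE configuration against the PE BGP steps listed above and flags neighbors that are missing the vpnv4 activation or `send-community extended` (VPN route targets travel as BGP extended communities). The AS number, neighbor addresses and the function name `audit_pe_bgp` are constructed for illustration.

```python
import re

# Constructed sample PE config; AS number and neighbor addresses are made up.
SAMPLE_PE_CONFIG = """\
router bgp 65000
 no bgp default ipv4-unicast
 neighbor 192.0.2.2 remote-as 65000
 neighbor 192.0.2.3 remote-as 65000
 !
 address-family vpnv4
  neighbor 192.0.2.2 activate
  neighbor 192.0.2.2 send-community extended
  neighbor 192.0.2.3 activate
 exit-address-family
!
"""

NEIGHBOR = re.compile(r"neighbor (\S+) (remote-as|activate|send-community extended)\b")

def audit_pe_bgp(config):
    """Return a list of findings; an empty list means every checked step is present."""
    in_bgp, family, default_v4_off = False, None, False
    peers = {}  # neighbor -> set of (address-family or None, keyword)
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw[0].isspace():  # a top-level line opens or closes a block
            in_bgp, family = line.startswith("router bgp "), None
        elif not in_bgp:
            continue
        elif line.startswith("address-family "):
            family = line.split()[1]
        elif line == "exit-address-family":
            family = None
        elif line == "no bgp default ipv4-unicast":
            default_v4_off = True
        elif (m := NEIGHBOR.match(line)):
            peers.setdefault(m.group(1), set()).add((family, m.group(2)))
    findings = []
    if not default_v4_off:
        findings.append("no bgp default ipv4-unicast is missing")
    for peer in sorted(peers):
        facts = peers[peer]
        if (None, "remote-as") not in facts:
            findings.append(f"{peer}: referenced but has no remote-as")
        elif ("vpnv4", "activate") not in facts:
            findings.append(f"{peer}: not activated under address-family vpnv4")
        elif ("vpnv4", "send-community extended") not in facts:
            findings.append(f"{peer}: send-community extended missing under address-family vpnv4")
    return findings
```

Run against the constructed sample, the script reports only the second neighbor, which is activated under vpnv4 but lacks `send-community extended`.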

Conclusion

Which service is optimal depends on the organization’s IT considerations and on its own requirements.

TECHEXE.