Layer 3 Virtual Private Networks (l3vpn) Internet Drafts
| OSPFv3 as a PE-CE routing protocol | |||||||||||||||||
|
Many Service Providers (SPs) offer Virtual Private Network (VPN) services to their customers using a technique in which Customer Edge (CE) routers are routing peers of Provider Edge (PE) routers. The Border Gateway Protocol (BGP) is used to distribute the customer's routes across the provider's IP backbone network, and Multiprotocol Label Switching (MPLS) is used to tunnel customer packets across the provider's backbone. Support currently exists for both IPv4 and IPv6 VPNs, however only Open Shortest Path First protocol version 2 (OSPFv2) as PE-CE protocol is specified. This document extends those specifications to support OSPF version 3 (OSPFv3) as a PE-CE routing protocol. The OSPFv3 PE-CE functionality is identical to that of OSPFv2 except for the differences described in this document. | ||||||||||||||||
| MVPN: Using Bidirectional P-Tunnels | |||||||||||||||||
|
The documents specifying multicast support for BGP/MPLS IP VPNs allow customer multicast data to be transported through a service provider's network through a set multicast tunnels. Such tunnels are advertised by BGP in a BGP attribute known as the "Provider Multicast Service Interface (PMSI) Tunnel Attribute". The base specifications allow the PMSI Tunnel Attribute to advertise bidirectional multicast distribution trees as "PMSI Tunnels"; however, those documents do not provide all the necessary details for using those tunnels. These details are provided in this document. This document also specifies the procedures for assigning customer multicast flows to specific bidirectional PMSI tunnels. | ||||||||||||||||
| Wildcards in Multicast VPN Auto-Discovery Routes | |||||||||||||||||
|
In "Multicast Virtual Private Networks" (MVPNs), customer multicast flows are carried in "tunnels" through a service provider's network. The base specifications for MVPN define BGP multicast VPN "auto-discovery routes", and specify how to use an auto-discovery route to advertise the fact that an individual customer multicast flow is being carried in a particular tunnel. However, those specifications do not provide a way to specify, in a single such route, that multiple customer flows are being carried in a single tunnel. Those specifications also do not provide a way to advertise that a particular tunnel is to be used by default to carry all customer flows, except in the case where that tunnel is joined by all the provider edge routers of the MVPN. This document eliminates these restrictions by specifying the use of "wildcard" elements in the customer flow identifiers. With wildcard elements, a single auto-discovery route can refer to multiple customer flows, or even to all customer flows. | ||||||||||||||||
| Virtual Hub-and-Spoke in BGP/MPLS VPNs | |||||||||||||||||
|
With BGP/MPLS VPNs any-to-any connectivity among sites of a given Virtual Private Network would require each Provider Edge router that has one or more of these sites connected to it to hold all the routes of that Virtual Private Network. The approach described in this document allows to reduce the number of Provider Edge routers that have to maintain all these routes by requiring only a subset of these routers to maintain all these routes. Furthermore, when Provider Edge routers use ingress replication to carry multicast traffic of VPN customers, the approach described in this document could allow to reduce bandwidth inefficiency associated with ingress replication, and to redistribute the replication load among Provider Edge routers. | ||||||||||||||||
| MPLS/BGP Layer 3 VPN Multicast Management Information Base | |||||||||||||||||
|
This memo defines an portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects to configure and/or monitor multicast in MPLS/BGP-based Layer-3 VPN (MVPN) on an MVPN router. | ||||||||||||||||
 |
 |
 |
 |
|
 |
|
 |
|
 |
|
 |
Layer 3 Virtual Private Networks (l3vpn)
Last Modified: 2009-05-18
Additional information is available at tools.ietf.org/wg/l3vpn
Chair(s):
Routing Area Director(s):
Routing Area Advisor:
Secretary(ies):
Mailing Lists:
General Discussion: l3vpn@ietf.orgTo Subscribe: https://www.ietf.org/mailman/listinfo/l3vpn
Archive: http://www.ietf.org/mail-archive/web/l3vpn/current/maillist.html
Description of Working Group:
This working group is responsible for defining and specifying alimited number of solutions for supporting provider-provisioned
Layer-3 (routed) Virtual Private Networks (L3VPNs).
The WG is responsible for standardization of the following solutions:
1. BGP/MPLS IP VPNs (based on RFC 2547)
2. IP VPNs using Virtual Routers
3. CE-based VPNs using IPsec
The following VPN deployment scenarios will be considered by the WG:
1. Internet-wide: VPN sites attached to arbitrary points in
the Internet
2. Single service provider (SP)/single AS: VPN sites attached to
the network of a single provider within the scope of a single
AS
3. Single SP/multiple AS'es: VPN sites attached to the network
of a single provider consisting of multiple AS'es
4. Cooperating SPs: VPN sites attached to networks of different
providers that cooperate with each other to provide VPN service
The WG will address deployment of the following features in a VPN
environment:
1. IP Multicast
2. IPv6
As part of this effort the WG will work on the following tasks
(additional work items will require rechartering):
1. Requirements and framework for Layer 3 VPNs
2. Solution documents for each approach listed above (including
applicability statements)
3. MIB definitions for each approach
4. Security mechanisms for each approach
As a general rule, the WG will not create new protocols, but will
provide functional requirements for extensions of the existing
protocols that will be discussed in the protocol-specific WGs. L3VPN
WG will review proposed protocol extensions for L3VPNs before they are
recommended to appropriate protocol-specific WGs.
As stated above, the WG will define an IPv6 over BGP / MPLS VPN
solution. This will include a forwarding plane component and a
control plane component. In the forwarding plane, IPv6 datagrams will
be encapsulated within an MPLS header. If any aspect of IPv6
forwarding over MPLS is as yet undefined, the L3VPN WG will defer to
the MPLS and appropriate IPv6 WGs. On the control plane, BGP
extensions may also need to be defined. In this respect, the L3VPN WG
will defer to the IDR and appropriate IPv6 WGs.
QoS support is excluded from the charter at this time. It may be
considered for inclusion in an updated charter at a later time. Future
work items may also include OAM support.
Goals and Milestones:
| Done | Submit L3 VPN Requirements Document to IESG for publication as Info | |
| Done | Submit Generic Requirements Document to IESG for publication as Info | |
| Done | Submit L3 VPN Framework Document to IESG for publication as Info | |
| Done | Submit VPN Security Analysis to IESG for publication as Info (draft-fang-ppvpn-security-framework-00) | |
| Done | Submit BGP/MPLS VPNs specification and AS to IESG for publication as PS (draft-ietf-ppvpn-rfc2547bis-03, draft-ietf-ppvpn-as2547-01) | |
| Done | Submit CE-based specification and AS to IESG for publication as PS (draft-ietf-ppvpn-ce-based-03, draft-declercq-ppvpn-ce-based-sol-00, draft-declercq-ppvpn-ce-based-as-01) | |
| Done | Submit Virtual Router specification and AS to IESG for publication as PS (draft-ietf-ppvpn-vpn-vr-03, draft-ietf-ppvpn-as-vr-01) | |
| Done | Submit BGP as an Auto-Discovery Mechanism for publication as PS (draft-ietf-ppvpn-bgpvpn-auto-05.txt) | |
| Done | Submit specification of using GRE for PE-PE encapsulation in BGP/MPLS VPNs to IESG for publication as PS (draft-ietf-ppvpn-gre-ip-2547-02) | |
| Done | Submit VPN MIB Textual Conventions to IESG for publication as PS (draft-ietf-ppvpn-tc-mib-02) | |
| Done | Submit MPLS/BGP VPN MIB to IESG for publication as PS (draft-ietf-ppvpn-mpls-vpn-mib-05) | |
| Done | Submit VR MIB to IESG for publication as PS (draft-ietf-ppvpn-vr-mib-04) | |
| Done | Submit specification of using IPSEC for PE-PE encapsulation in BGP/MPLS VPNs to IESG for publication as PS (draft-ietf-ppvpn-ipsec-2547-03) | |
| Done | Submit specification of OSPF as the PE/CE Protocol in BGP/MPLS VPNs for publication (draft-ietf-l3vpn-ospf-2547-xx.txt) | |
| Done | Submit specification of IPv6 over BGP/MPLS VPNs for publication | |
| Feb 2008 | Submit specification of IPv4 multicast over BGP/MPLS VPNs for publication |
Internet-Drafts:
Multicast in MPLS/BGP IP VPNs (228854 bytes)BGP Encodings and Procedures for Multicast in MPLS/BGP IP VPNs (145489 bytes)
Requirements for supporting Customer RSVP and RSVP-TE over a BGP/MPLS IP-VPN (55694 bytes)
Four-octet AS Specific BGP Extended Community (8197 bytes)
IPv6 Address Specific BGP Extended Communities Attribute (9459 bytes)
BGP ACCEPT_OWN Standards Action Community Attribute (15592 bytes)
OSPFv3 as a PE-CE routing protocol (46856 bytes)
Mandatory Features in a Layer 3 Multicast BGP/MPLS VPN Solution (82411 bytes)
Request For Comments:
Generic Requirements for Provider Provisioned Virtual Private Networks (RFC 3809) (60576 bytes)Provider Provisioned Virtual Private Network (VPN) Terminology (RFC 4026) (42124 bytes)
Service requirements for Layer 3 Provider Provisioned Virtual Private Networks (RFC 4031) (118568 bytes)
A Framework for Layer 3 Provider Provisioned Virtual Private Networks (PPVPNs) (RFC 4110) (204159 bytes)
Security Framework for Provider Provisioned Virtual Private Networks (PPVPNs) (RFC 4111) (106626 bytes)
Framework for Layer 3 Virtual Private Networks (L3VPN) Operations and Management (RFC 4176) (46348 bytes)
Definition of Textual Conventions for Virtual Private Network (VPN) Management (RFC 4265) (10976 bytes)
Applicability Statement for BGP/MPLS IP Virtual Private Networks (VPNs) (RFC 4365) (77924 bytes)
BGP/MPLS IP Virtual Private Networks (VPNs) (RFC 4364) (116446 bytes) obsoletes RFC 2547/ updated by RFC 4577,RFC 4684,RFC 5462
MPLS/BGP Layer 3 Virtual Private Network (VPN) Management Information Base (RFC 4382) (85594 bytes)
OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs) (RFC 4577) (61515 bytes) updates RFC 4364
BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN (RFC 4659) (42090 bytes)
Constrained Route Distribution for Border Gateway Protocol/MultiProtocol Label Switching (BGP/MPLS) Internet Protcol (IP) Virtual Private Networks (VPNs) (RFC 4684) (28475 bytes) updates RFC 4364
Use of Provider Edge to Provider Edge (PE-PE) Generic Routing Encapsulation (GRE) or IP in BGP/MPLS IP Virtual Private Networks (RFC 4797) (18985 bytes)
Requirements for Multicast in Layer 3 Provider-Provisioned Virtual Private (PPVPNs) (RFC 4834) (80341 bytes)
IETF Secretariat - Please send questions, comments, and/or suggestions to ietf-web@ietf.org.
Return to working group directory. 
