13.2 VPN Implementation and Topologies


With today's VPNs come many different implementations. There are different models referred to when using VPNs. The overlay model and the peer-to-peer model are the two most commonly used. The overlay model is one in which the traditional network-layer forwarding path is built on top of an underlying infrastructure, like ATM or Frame Relay.

In the overlay model, there are two separate networks, each with its own control and forwarding mechanism (e.g., routing table). For example, to route a packet in an IP network that is overlaid on a Frame Relay network, it would be necessary to know the IP next-hop address (Layer 3) to reach the packet's destination network. Once the IP next-hop address is determined, a lookup must be done to find out which Frame Relay DLCI (Layer 2) is needed for the traffic to be shipped across the overlay network. Thus, there exists one set of control and forwarding mechanisms for the IP network and another for the Frame Relay network. Figure 13-2 shows an overlay model example. The network being used is made up of three CE sites connected over a Frame Relay network. The connection between each site is a Frame Relay PVC. The Layer 2 Frame Relay topology determines the forwarding path. IP VPN traffic would be forwarded over the PVCs that connect each site.

Figure 13-2. VPN Overlay Model


In the peer-to-peer model, shown in Figure 13-3, routing is simplified because only minimal connections are required for the customer to achieve any-to-any communications. In this implementation, each customer site needs to be connected only to a PE router. The service provider ensures optimal routing and connectivity for the customer's sites through an exchange of VPN routing information between PE routers. This greatly reduces the number of connections that would be required if an overlay model were used. Another benefit of the peer-to-peer model is that a single connection brings an additional site on line. In the overlay model, when adding a new site, a new virtual circuit from the newly added site may need to be added to each of the existing sites in the VPN. The single-connection requirement can bring significant cost savings to customers and reduce the complexity of their network configuration management responsibilities.

Figure 13-3. The Peer-to-Peer Model
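The two-stage overlay lookup and the circuit counts of both models, as an added example that is not from the book. The prefixes, next hops and DLCI numbers are constructed, the function names are hypothetical, and the overlay is assumed to be a full mesh.

```python
import ipaddress

# Constructed sample tables for one CE router in a three-site overlay VPN.
# All prefixes, next hops and DLCI numbers are illustrative assumptions.
IP_ROUTES = {                      # Layer 3: destination prefix -> IP next hop
    "10.2.0.0/16": "192.168.0.2",  # site B
    "10.3.0.0/16": "192.168.0.3",  # site C
    "10.3.7.0/24": "192.168.0.2",  # more specific route, reached via site B
}
FR_MAP = {                         # Layer 2: IP next hop -> local DLCI of the PVC
    "192.168.0.2": 102,
    "192.168.0.3": 103,
}

def ip_next_hop(dst, routes=IP_ROUTES):
    """Longest-prefix match in the IP routing table; None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, nh in routes.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, nh)
    return best[1] if best else None

def overlay_forward(dst, routes=IP_ROUTES, fr_map=FR_MAP):
    """Two independent lookups: IP next hop first, then the Frame Relay DLCI."""
    nh = ip_next_hop(dst, routes)
    if nh is None:
        return ("drop", "no IP route")
    dlci = fr_map.get(nh)
    if dlci is None:
        # Layer 3 has a route but Layer 2 has no PVC: the two tables disagree.
        return ("drop", f"no PVC mapped for next hop {nh}")
    return ("forward", dlci)

def new_circuits_for_added_site(existing_sites, model):
    """Circuits to provision when one more site joins the VPN."""
    if model == "overlay":
        return existing_sites      # one new PVC to each existing site
    if model == "peer-to-peer":
        return 1                   # a single connection to a PE router
    raise ValueError(f"unknown model: {model}")

def total_circuits(sites, model):
    """Total circuits: n(n-1)/2 PVCs for the overlay mesh, n for peer-to-peer."""
    return sites * (sites - 1) // 2 if model == "overlay" else sites

if __name__ == "__main__":
    for dst in ("10.2.1.1", "10.3.7.9", "10.3.1.1", "172.16.0.1"):
        print(dst, overlay_forward(dst))
    for n in (3, 10, 50):
        print(n, total_circuits(n, "overlay"), total_circuits(n, "peer-to-peer"))
```

The second drop case is the operational cost of keeping two tables: a route can exist at Layer 3 while no PVC exists at Layer 2 to carry it.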




Juniper Networks Reference Guide. JUNOS Routing, Configuration, and Architecture
ISBN: 0201775921
EAN: 2147483647
Year: 2002
Pages: 176
