Understanding Carrier-of-Carriers VPNs
The customer of a VPN service provider might be a service provider for the end customer. The following are the two main types of carrier-of-carriers VPNs (as described in RFC 4364:
Internet Service Provider as the Customer—The VPN customer is an ISP that uses the VPN service provider’s network to connect its geographically disparate regional networks. The customer does not have to configure MPLS within its regional networks.
VPN Service Provider as the Customer—The VPN customer is itself a VPN service provider offering VPN service to its customers. The carrier-of-carriers VPN service customer relies on the backbone VPN service provider for inter-site connectivity. The customer VPN service provider is required to run MPLS within its regional networks.
Figure 1 illustrates the network architecture used for a carrier-of-carriers VPN service.
This topic covers the following:
Internet Service Provider as the Customer
In this type of carrier-of-carriers VPN configuration, ISP A configures its network to provide Internet service to ISP B. ISP B provides the connection to the customer wanting Internet service, but the actual Internet service is provided by ISP A.
This type of carrier-of-carriers VPN configuration has the following characteristics:
The carrier-of-carriers VPN service customer (ISP B) does not need to configure MPLS on its network.
The carrier-of-carriers VPN service provider (ISP A) must configure MPLS on its network.
MPLS must also be configured on the CE routers and PE routers connected together in the carrier-of-carriers VPN service customer’s and carrier-of-carriers VPN service provider’s networks.
VPN Service Provider as the Customer
A VPN service provider can have customers that are themselves VPN service providers. In this type of configuration, also called a hierarchical or recursive VPN, the customer VPN service provider’s VPN-IPv4 routes are considered external routes, and the backbone VPN service provider does not import them into its VRF table. The backbone VPN service provider imports only the customer VPN service provider’s internal routes into its VRF table.
The similarities and differences between interprovider and carrier-of-carriers VPNs are shown in Table 1.
Table 1: Comparison of Interprovider and Carrier-of-Carriers VPNs
VPN Service Provider Customer
Customer edge device
AS border router
Carry IPv4 routes
Carry external VPN-IPv4 routes with associated labels
Forwarding within the customer network
MPLS is optional
MPLS is required
Support for VPN service as the customer is supported on QFX10000 switches starting with Junos OS Release 17.1R1.