Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Understanding Interprovider and Carrier-of-Carriers VPNs


All interprovider and carrier-of-carriers VPNs share the following characteristics:

  • Each interprovider or carrier-of-carriers VPN customer must distinguish between internal and external customer routes.

  • Internal customer routes must be maintained by the VPN service provider in its PE routers.

  • External customer routes are carried only by the customer’s routing platforms, not by the VPN service provider’s routing platforms.

The key difference between interprovider and carrier-of-carriers VPNs is whether the customer sites belong to the same AS or to separate ASs:

  • Interprovider VPNs—The customer sites belong to different ASs. You need to configure EBGP to exchange the customer’s external routes.

  • Understanding Carrier-of-Carriers VPNs—The customer sites belong to the same AS. You need to configure IBGP to exchange the customer’s external routes.

In general, each service provider in a VPN hierarchy is required to maintain its own internal routes in its P routers, and the internal routes of its customers in its PE routers. By recursively applying this rule, it is possible to create a hierarchy of VPNs.

The following are definitions of the types of PE routers specific to interprovider and carrier-of-carriers VPNs:

  • The AS border router is located at the AS border and handles traffic leaving and entering the AS.

  • The end PE router is the PE router in the customer VPN; it is connected to the CE router at the end customer’s site.