Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Customer Carrier as a VPN Service Provider

    The carrier-of-carriers VPN can be used to create two-tiered hierarchical VPNs. In a hierarchical VPN, the provider carrier’s VPN is the backbone, or tier-1 VPN, and the customer carrier provides the tier-2 VPN services to its customers.

    In a hierarchical VPN environment, each carrier maintains the internal routes of its customers in VRF tables on its PE routers. Routes are learned and maintained as follows:

    • In the provider carrier’s VPN, PE routers use MP-IBGP to exchange labeled VPN routes that correspond to the internal routes of the customer carrier’s VPN sites.
    • In the customer carrier’s VPN, PE routers use MP-IBGP sessions to exchange labeled VPN routes that correspond to the end customer’s VPN routes.

    Figure 1 shows a sample carrier-of-carriers environment in which the customer carrier provides VPN services to its customers.

    Figure 1: Carrier-of-Carriers VPN Service

    Carrier-of-Carriers VPN Service

    Note: In a carrier-of-carriers environment, a provider carrier creates a backbone VPN that is used by a customer carrier. You must enable carrier-of-carriers support on the VRF of the provider carrier’s PE device that connects to the PE device of the customer carrier.

    Note: You can run BGP instead of LDP as the label distribution protocol on the PE-CE link between the Tier 1 and the Tier 2 carriers in a carrier-of-carriers topology. This capability is available for carriers providing Internet access or VPN service to end users.

    Published: 2014-08-18