Auto-discovery of virtual private networks
Abstract
Principles of the invention are described for providing multicast virtual private networks (MVPNs) across a public network that are capable of carrying high-bandwidth multicast traffic with increased scalability. In particular, the MVPNs may transport layer three (L3) multicast traffic, such as Internet Protocol (IP) packets, between remote sites via the public network. The principles described herein may reduce the overhead of protocol independent multicast (PIM) neighbor adjacencies and customer control information maintained for MVPNs. The principles may also reduce the state and the overhead of maintaining the state in the network by removing the need to maintain at least one dedicated multicast tree per each MVPN.
11 Claims
1. A method comprising:
- automatically discovering virtual private network (VPN) memberships for a plurality of routers within a network, wherein each of the plurality of routers is coupled to one or more customer networks and belongs to at least one of a plurality of different VPNs, and wherein automatically discovering the VPN memberships of the routers includes exchanging Border Gateway Protocol (BGP) advertisements between the routers that encode virtual routing and forwarding (VRF) instances configured on the routers for the different VPNs to which the routers belong;
- in response to discovering the VPN memberships, establishing one or more label switched paths (LSPs) through the network for the routers that are members of at least one of the discovered VPNs, each of the LSPs forming a tunnel for transporting data packets from a source router providing an ingress to the LSP to at least one destination router providing an egress from the LSP;
- allocating, with the source router of each LSP, a multi-protocol label switching (MPLS) label to identify control information for the VPN and sending a BGP advertisement from the source router to the destination router to advertise the label to the destination router;
- receiving BGP advertisements that encode control information for the VPN using the label allocated by the source router; and
- transmitting data packets for the VPN from the source router through the LSP to the destination router in accordance with the control information.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A network router comprising:
- an auto-discovery module that discovers virtual private network (VPN) memberships of a plurality of destination routers within a network, wherein each of the plurality of destination routers is coupled to one or more respective customer networks and belongs to at least one of a plurality of different VPNs, wherein the auto-discovery module receives Border Gateway Protocol (BGP) advertisements from each of the destination routers that specify virtual routing and forwarding (VRF) instances configured on the destination routers for the different VPNs to which the respective destination router belongs; and
- a control unit that executes a label switching protocol to establish a distribution tree within the network for at least a first one of the discovered VPNs, the distribution tree comprising a point-to-multipoint (P2MP) label switched path (LSP) forming a tunnel for transporting data packets from a source device providing an ingress to the multicast tree to the plurality of destination routers providing a plurality of different egresses from the distribution tree, wherein the control unit allocates a multi-protocol label switching (MPLS) label to identify control information for the first one of the discovered VPNs and sends a BGP advertisement to advertise the label to the routers providing the egresses for the distribution tree, and wherein the control unit receives BGP advertisements that encode control information for the first one of the discovered VPNs using the label and transmits data packets for the first one of the discovered VPNs through the P2MP LSP to the destination routers in accordance with the control information.

Dependent claims: 9

10. A non-transitory computer-readable medium comprising instructions that cause a programmable processor to:
- discover multicast virtual private network (VPN) memberships of a plurality of routers within a network, wherein each of the plurality of routers is coupled to one or more respective customer networks and belongs to at least one of a plurality of different VPNs, and wherein discovering the VPN memberships of the routers includes receiving Border Gateway Protocol (BGP) advertisements from each of the routers that specify virtual routing and forwarding (VRF) instances configured on the routers for the different VPNs to which the respective router belongs;
- establish a distribution tree within the network for at least one of the discovered VPNs, the multicast tree comprising a point-to-multipoint (P2MP) label switched path (LSP) forming a tunnel for transporting data packets from a source router providing an ingress to the P2MP LSP to the plurality of destination routers providing a plurality of different egresses from the P2MP LSP;
- allocate, with the source router of each LSP, a multi-protocol label switching (MPLS) label to identify control information for the VPN and send a BGP advertisement from the source router to the destination router to advertise the label to the destination router;
- receive BGP advertisements that encode control information for the VPN using the label allocated by the source router; and
- transmit data packets for the VPN from the source router through the P2MP LSP to the destination router in accordance with the control information.

11. A system comprising:
- a plurality of routers within a network that advertise their virtual private network (VPN) memberships using Border Gateway Protocol (BGP) advertisements that specify virtual routing and forwarding (VRF) instances configured on the routers for different VPNs to which the respective router belongs, wherein the routers allocate a multi-protocol label switching (MPLS) label for each of the VPNs and encode the MPLS labels within network layer reachability information of the BGP advertisements along with an import route target that identifies a corresponding one of the VRFs; and
- a distribution tree automatically established within the network by the routers for at least a first one of the VPNs, wherein the distribution tree comprises a point-to-multipoint (P2MP) label switched path (LSP) forming a tunnel for transporting data packets from a source one of the routers as an ingress to the distribution tree to a plurality of the routers providing different egresses from the distribution tree, wherein a source router of the distribution tree allocates a multi-protocol label switching (MPLS) label to identify control information for the at least one VPN and sends a BGP advertisement to advertise the label to the routers providing the egresses for the distribution tree, and wherein the source router receives BGP advertisements that encode control information for the first one of the discovered VPNs using the label allocated by the source router and transmits data packets for the first one of the discovered VPNs from the source router through the P2MP LSP to the destination routers in accordance with the control information.

Specification