The MPLS WG Archive[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index][Thread Index][Author Index][Subject Index] How to map a packet to a VRF for route lookup?
Indeed. The VPN definition in terms of sites is ill-defined and has led to many confusions. As for the service we have developed and sell, we define a VPN as a collection of interfaces. An interface is always associated with a single vrf belonging to the VPN. Although, I must admit that inevitably in discussions with customers, we often use the term site instead of interface. Chris Chase > -----Original Message----- > From: Ben Black [mailto:ben@layer8.net] > Sent: Wednesday, December 13, 2000 7:53 PM > To: Andrew Wu > Cc: 'James_Huang@Mitel.COM'; mpls@UU.NET; nbvpn@bbo.com > Subject: Re: How to map a packet to a VRF for route lookup? > > > Perhaps James is drawing attention to the ambiguity of the first > section stating that VRFs are per _site_, but the second section > stating that VRFs are per _interface_ (allowing for multiple > connections from the same site to be treated independently). > > > ben > > On Wed, Dec 13, 2000 at 04:48:28PM -0800, Andrew Wu wrote: > > Here is my quick take on this: > > > > Typically, one (sub)interface on a PE is connected > > to one CE device and that the (sub)interface at same > > time is associated with one VRF on the PE. So the > > packets coming from the (sub)interface will > > be forwarded upon the result of the lookup in that > > VRF(the (sub)interface is associated with ). > > > > On a PE: > > =========================== > > (sub)interface1----> VRF1 > > > > > > (sub)interface2 ----> VRF2 > > > > ^ > > | > > | > > (sub)interface2 > > > > > > -andrew > > > > -----Original Message----- > > From: James_Huang@Mitel.COM [mailto:James_Huang@Mitel.COM] > > Sent: Wednesday, December 13, 2000 4:22 PM > > To: mpls@UU.NET > > Subject: How to map a packet to a VRF for route lookup? > > > > > > Hi all, > > I am very confused by the description in RFC2547bis > with regarding to > > the > > association of VRFs and CE sites. In section 1.3 of RFC2547bis, the > > following > > description is given: > > "Each PE router maintains a number of separate > forwarding tables. > > Every site to which the PE is attached must be mapped > to one of those > > forwarding tables." > > > > Also in section 3, the following text is given: > > Each PE router maintains one or more "per-site > forwarding tables." > > These are known as VRFs, or "VPN Routing and > Forwarding" tables. > > Every site to which the PE router is attached is > associated with one > > of these tables. A particular packet's IP destination > address is > > looked up in a particular VRF only if that packet has arrived > > directly from a site which is associated with that table. > > > > From these descriptions, one would conclude that a CE site is > > associated > > with exactly one VRF. But the description in another > paragraph of section > > 1.3 > > seems to indicate otherwise: > > A PE router is attached to a site by virtue of being > the endpoint of > > an interface or "sub-interface" (PVC, VLAN, GRE > tunnel, etc.) whose > > other endpoint is a CE device. If there are multiple > attachments > > between a site and a PE router, all the attachments > may be mapped to > > the same forwarding table, or different attachments > may be mapped to > > different forwarding tables. When a PE router > receives a packet from > > a CE device, it knows the interface or sub-interface > over which the > > packet arrived, and this determines the forwarding > table used for > > processing that packet. The choice of forwarding table is NOT > > determined by the user content of the packet. > > > > The above description seems to associate an interface > or subinterface > > with > > a VRF. > > Am I missing somethin here? > > > > > > -- James Huang > > > > -- > what great thing would you attempt if you knew you could not fail? > |
|