© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.

Presentation transcript:


Outline
– Overview
– Traditional Router-Based Network Connectivity
– Advantages of VPNs
– VPN Terminology
– What Are the VPN Implementation Models?
– What Are Overlay VPN Technologies?
– What Are Peer-to-Peer VPN Technologies?
– What Are the Benefits of VPNs?
– What Are the Drawbacks of VPNs?
– Summary

Traditional Router-Based Networks
Traditional router-based networks connect customer sites through routers connected via dedicated point-to-point links.

Virtual Private Networks
VPNs replace dedicated point-to-point links with emulated point-to-point links sharing common infrastructure.
Customers use VPNs primarily to reduce their operational costs.

VPN Terminology

VPN Terminology (Cont.)

VPN Implementation Models
VPN services can be offered based on two major models:
– Overlay VPNs, in which the service provider provides virtual point-to-point links between customer sites
– Peer-to-peer VPNs, in which the service provider participates in the customer routing

Overlay VPNs: Hub-and-Spoke Topology

Overlay VPNs: Redundant Hub-and-Spoke Topology

Overlay VPNs: Layer 2 Implementation
This is the traditional switched WAN solution:
– The service provider establishes Layer 2 virtual circuits between customer sites.
– The customer is responsible for all higher layers.

Overlay VPNs: IP Tunneling
VPN is implemented with IP-over-IP tunnels:
– Tunnels are established with GRE or IPsec.
– GRE is simpler (and quicker); IPsec provides authentication and security.

Overlay VPNs: Layer 2 Forwarding
VPN is implemented with PPP-over-IP tunnels.
VPN is usually used in access environments (dialup, digital subscriber line).

Overlay VPNs: Layer 3 Routing
The service provider infrastructure appears as point-to-point links to customer routes.
Routing protocols run directly between customer routers.
The service provider does not see customer routes and is responsible only for providing point-to-point transport of customer data.

Peer-to-Peer VPNs: Implementation Techniques

Peer-to-Peer VPNs: Packet Filters

Peer-to-Peer VPNs: Controlled Route Distribution

Benefits of VPN Implementations
Overlay VPN:
– Well-known and easy to implement
– Service provider does not participate in customer routing
– Customer network and service provider network are well-isolated
Peer-to-peer VPN:
– Guarantees optimum routing between customer sites
– Easier to provision an additional VPN
– Only sites provisioned, not links between them

Drawbacks of VPN Implementations
Overlay VPN:
– Implementing optimum routing requires a full mesh of virtual circuits.
– Virtual circuits have to be provisioned manually.
– Bandwidth must be provisioned on a site-to-site basis.
– Overlay VPNs always incur encapsulation overhead.
Peer-to-peer VPN:
– The service provider participates in customer routing.
– The service provider becomes responsible for customer convergence.
– PE routers carry all routes from all customers.
– The service provider needs detailed IP routing knowledge.

Summary
Traditional router-based networks connect via dedicated point-to-point links.
VPNs use emulated point-to-point links sharing a common infrastructure.
The two major VPN models are overlay VPN and peer-to-peer VPN.
– Overlay VPNs use well-known technologies and are easy to implement.
– Overlay VPN virtual circuits must be provisioned manually.
– Peer-to-peer VPNs guarantee optimum routing between customer sites.
– Peer-to-peer VPNs require that the service provider participate in customer routing.
