Figure 85: Route Target Configuration for a Hub-and-Spoke VPN
Overlapping VPNs
In an overlapping VPN, a site is a member of more than one VPN. For example, in
Figure 86 on page 408, the middle site is a member of both VPN A and VPN B. In
other words, that site can communicate with all other VPN A sites and all other VPN
B sites. An overlapping VPN is often used to provide centralized services. The central
site might contain DNS servers or WWW servers or management stations that need
to be reachable from multiple VPNs. Overlapping IPv4 and IPv6 VPNs are supported
by the same route-target mechanism.
Figure 86: Site Connectivity in an Overlapping VPN
Figure 87 on page 409 shows how to configure the VRF import and export route
targets to build an overlapping VPN. In this example, the export and import route
targets are different for VPN A and VPN B. Therefore, VPN A does not accept routes
from VPN B and VPN B does not accept routes from VPN A.
The import route target list for the overlapping VPN AB includes both 100:10 and
100:20. VPN AB can therefore accept routes advertised by any site in either VPN A
or VPN B. Because the VPN AB export route target list also includes both 100:10 and
100:20, every route advertised by VPN AB can be accepted by any site in either VPN
A or VPN B.
408 â– Using Route Targets to Configure VPN Topologies
JUNOSe 11.1.x BGP and MPLS Configuration Guide
To Next Page
Loading...
Need help?
General
