Design Lessons to Be Taken from EuroBank
A number of lessons can be drawn from the EuroBank design discussion:

Enterprise networks with requirements such as integration of multiple separate networks, isolation of subsidiaries, selective communications with shared resources, overlapping addresses, and consolidation of data centers can address these issues very effectively by deploying Layer 3 MPLS VPN technology in their intranet.

Where they are more cost-effective, Layer 3 MPLS VPN services from service providers can be used to attach some of the locations. These can be seamlessly integrated with the Enterprise's own Layer 3 MPLS VPN service.

The concept of multi-VRF CE routers can be used to extend the reach of multiple VPNs to a location that does not run MPLS.

If encryption is required in the Enterprise, IPSec may be used in combination with Layer 3 MPLS VPN service to provide secure connectivity to the VPN.

VoIP telephony services, whether operated by the Enterprise itself or managed by a TSP on behalf of the Enterprise, offer any-to-any voice connectivity across VPNs. They do this through the use of VPN-aware Firewall (FW)/NAT techniques including voice-specific ALG and thus without compromising VPN isolation. These telephony services also offer significant cost savings for off-net calls through optimum voice routing, minimizing the use of the PSTN.

Layer 3 MPLS VPN is a key enabling technology for TSPs themselves. It allows them to securely isolate all the telephony service customers from one another while allowing each of those to access shared telephony resources such as gateways. This allows off-net connection to and from the PSTN.

Layer 3 MPLS VPN offers a flexible way for a VPN to access dedicated servers while allowing a set of VPNs to access applications hosted on shared servers.

Flexible QoS approaches can be used to address the great variety of application requirements over a mix of highly congested, moderately congested, and completely uncongested links that may be found in an Enterprise network. For example, a large number of classes (nine in this example) can be defined. Then these classes can be grouped into a smaller number of queues, depending on the link type (six queues on sub-100-Mbps links, three queues on 100+ Mbps links, and one queue on Gigabit links in this example).

Simple routing design allows for convergence of a few seconds (5 seconds in this example) to handle the cases of router and unprotected link failures.

Protocols such as HSRP and GLBP allow for dynamic rerouting in case of router failures within a few seconds as well as load balancing the host-to-POP traffic. In some cases, such as the office locations in the EuroBank network, these protocols need to be VRF-aware. In other words, they must be able to run in a VRF context.
