How to secure your job: Implement MPLS VPNs


Click here to start


Table of Contents

How to secure your job: Implement MPLS VPNs

Agenda

Agenda

The idea behind this talk

Agenda

Lessons learned

Lessons learned

Agenda

MPLS - Label Switch Path LSP

MPLS - VPN

MPLS - VPN Routing

MPLS - VPN Forwarding

Agenda

Service Architecture

Lego-Brick #1: Full-Mesh VPN

Lego-Brick #1: Full-Mesh VPN

Lego-Brick #2: Hub & Spoke VPN

Lego-Brick #2: Hub & Spoke VPN

Lego-Brick #3: Conduits

Lego-Brick #4: Adapters

The four Network Building Blocks

Multiple VPNs per Customer

Dial-Up Sites

Standard VPN IAS

Managed Firewall IAS

Managed Firewall IAS for PN

Redundant Load Sharing PN

Disaster Recovery VPN

PN Dial Backup

PartnerNet

Agenda

How to choose a RD and RT scheme

How to choose a RD and RT scheme

Agenda

The use of Route-Reflectors

Agenda

Traceroute is no longer your friend

A multi ISP enviroment

Customer complains about strange Traceroute results

What a professional troubleshooter told us :-)

The real reason

But how to explain this to a customer?

MPLS-aware traceroute

Agenda

Configuration Integrity

Configuration Integrity

Configuration Integrity

Secure your PE VTYs!

Secure your PE VTYs!

Secure your PE VTYs!

That’s it!

 Author: Roger Gottsponer

Email: webmaster@ripe.net