Cisco Systems OL-4344-01 manual Customer’s and Provider’s View of the Network

Page 9

Chapter 1 About Cisco IP Solution Center

The Customer’s and Provider’s View of the Network

The Customer’s and Provider’s View of the Network

From the customer’s point of view, they see their internal routers communicating with their customer edge routers (CEs) from one site to another through a VPN managed by the service provider (see Figure 1-5).

Figure 1-5 The Customer’s View of the Network

CE

Gadgets, Inc.

Seattle

Service provider

network

Gadgets, Inc's VPN

CE

28554

Gadgets, Inc.

Chicago

CE

Gadgets, Inc.

New York City

This simple view of the customer’s network is the advantage of employing VPNs: the customer experiences direct communication to their sites as though they had their own private network, even though their traffic is traversing a public network infrastructure and they are sharing that infrastructure with other businesses.

The service provider’s view of the network is naturally very different, as shown in Figure 1-6. This illustration shows two different customers, with each customer having a single VPN. A customer can, however, have multiple VPNs.

Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0

	OL-4344-01	1-9

Image 9

Contents About Cisco IP Solution Center ISC Network Management Subnet Overview of ISCISC Features Service Provider Network for Vlan ID Management Resource Pools Access Domain AssignedVPN Service Profile-Based Provisioning Features and Functions Provided in Provisioning with ISCRole-Based Access Control Rbac CPE Customer’s View of the Network Customer’s and Provider’s View of the NetworkAbout Multi-VRF CEs About Provider Edge Routers PEsA Multi-VRF CE Providing Layer 3 Aggregation Mapping IPsec Tunnels to Mpls VPNs Using Templates to Customize Configuration FilesUses for the Template Function Auditing Service RequestsVPNs Sharing Sites About Mpls VPNsIntranets and Extranets Characteristics of Mpls VPNsVPN Routing and Forwarding Tables VRFs Ip vrf site2 rd VRF Implementation ConsiderationsRoute Distinguishers and Route Targets Creating a VRF InstanceCE Routing Communities Route Target CommunitiesHub and Spoke Considerations Address Space and Routing Separation Security Requirements for Mpls VPNsAddress Space Separation Routing SeparationHiding the Mpls Core Structure Securing the Routing Protocol Resistance to AttacksLabel Spoofing Securing the Mpls Core Routing AuthenticationTrusted Devices PE-CE InterfaceLDP Authentication Separation of CE-PE LinksConnectivity Between VPNs Security Through IP Address Resolution MP-BGP Security FeaturesNorth Bound Interface NBI Ensuring VPN IsolationAPI Functionality Supported Distributed Load Balancing NBI BenefitsAPI Approach 11 Simple Flat-Based Server Load Balancing Configuration Client tier Four-Tier System ArchitectureControl tier