MPLS Layer 3 VPN Explained

Hello Ali

When PE2 receives the packet, it examines the VPN label. Using the configured route targets, it “attaches” that VPN to the VRF. Once that is known, the VPN label is popped, and the next hop router (customer router) is determined via the VRF, and the packet is forwarded.

I hope this has been helpful!

Laz

Hello.

I might still not understand the difference between RD and RT.

We want to make sure that the routes are unique. So, we use different RDs for each customer.

So why did you say we still need RT? Do we need RT because each customer may have different VRFs? Or even if each of our customers has one VRF, we still need RT?

Hello Part

The difference between the RD and RT can be confusing, and it is a common issue required to get your head around.

In an MPLS Layer 3 VPN environment, both the RD and the RT are used to facilitate the exchange of routing information between different VPNs and customers across a shared MPLS network. Each one serves a different purpose:

The RD is a unique identifier added to the customer’s prefix to create a unique VPNv4 address. This address is used to differentiate between routes from different VPNs or customers with overlapping IP address space. RDs ensure that the MPLS network can distinguish between routes from different customers even if they use the same IP address prefixes.

For example, when you see the VPNv4 address of 123:10 192.168.1.0/24, it is unique within the whole MPLS topology, and PE routers know to which customer it belongs.

Now an RT on the other hand is actually a BGP extended community attribute that is used to control the distribution of VPN routing information between PE routers. The RT acts as a tag for VPN routes, and it is attached to the BGP update messages. There are two types of Route Targets: import RT and export RT.

  • Import RT: A PE router imports VPN routes with an import RT that matches the import RT specified in its VRF table. In this way, the import RT controls which routes are imported into a specific VRF.
  • Export RT: A PE router exports VPN routes by attaching an export RT to them. The export RT controls which routes are shared with other PE routers.

So the RT is involved in corresponding the VPNv4 addresses with the appropriate VRF, allowing the import and export of those routes to the appropriate VRF.

So then an RD is used to create unique VPNv4 addresses to differentiate overlapping routes from different customers, while the RTs are used to control the distribution of VPN routes to the appropriate VRFs between PE routers.

I hope this has been helpful!

Laz
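
The RD and RT roles described in the answer above, modelled as an added example that is not part of the original thread: the RD keeps two customers' identical prefixes apart in the VPNv4 table, the RTs decide which VRF installs each route, and a small audit lists routes a VRF imported from another customer's RD. Customer B's RD and RTs, the 123:99 extranet RT, the 10.3.3.0/24 prefix and all class and function names are constructed, and one RD per customer is assumed.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class VPNv4Route:
    rd: str          # route distinguisher: keeps overlapping prefixes unique
    prefix: str      # customer IPv4 prefix
    rts: frozenset   # export route targets (BGP extended communities)

@dataclass
class VRF:
    name: str
    rd: str
    import_rts: set
    export_rts: set
    routes: dict = field(default_factory=dict)   # prefix -> VPNv4Route

    def export(self, prefix):
        """Export: prepend the RD and tag the route with the export RTs."""
        return VPNv4Route(self.rd, prefix, frozenset(self.export_rts))

def import_routes(vrfs, bgp_table):
    """Import: a VRF installs a route when one of its import RTs is on it."""
    for route in bgp_table.values():
        for vrf in vrfs:
            if vrf.import_rts & route.rts:
                vrf.routes[route.prefix] = route

def cross_rd_imports(vrfs):
    """Audit: routes a VRF holds that originated under another RD."""
    return sorted((v.name, p, r.rd) for v in vrfs
                  for p, r in v.routes.items() if r.rd != v.rd)

def build_scenario(extranet=False):
    # Constructed values; only 123:10 and 192.168.1.0/24 come from the thread.
    pe1_a = VRF("CUST_A", "123:10", {"123:10"}, {"123:10"})
    pe1_b = VRF("CUST_B", "123:20", {"123:20"}, {"123:20"})
    pe3_a = VRF("CUST_A", "123:10", {"123:10"}, {"123:10", "123:99"})  # behind CE3
    adverts = [pe1_a.export("192.168.1.0/24"), pe1_b.export("192.168.1.0/24"),
               pe3_a.export("10.3.3.0/24")]
    bgp_table = {(r.rd, r.prefix): r for r in adverts}   # key is RD + prefix
    b_import = {"123:20", "123:99"} if extranet else {"123:20"}
    pe2 = [VRF("CUST_A", "123:10", {"123:10"}, {"123:10"}),
           VRF("CUST_B", "123:20", b_import, {"123:20"})]
    import_routes(pe2, bgp_table)
    return bgp_table, pe2

if __name__ == "__main__":
    for flag in (False, True):
        print("extranet" if flag else "isolated", cross_rd_imports(build_scenario(flag)[1]))
```

With `extranet=True`, customer B's VRF picks up only the CE3 prefix tagged 123:99 and still holds its own copy of 192.168.1.0/24, which is the kind of cross-customer import an RT audit should be able to account for.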

Hello Rene,
You did very good, excellent explanations, but I think when you do the explanation with a real lab, I mean configuration, then it will be perfect.
Regards
MBN

Hello Mohamad

I’d like to thank you on behalf of Rene for your kind words. This particular lesson is used just to introduce the concept of MPLS Layer 3 VPNs. In the very next lesson, you will see this feature being configured on a topology with configurations. You can take a look at that lesson at the following link:

And in many subsequent lessons after that, you will see how MPLS L3 VPN can be configured with various other scenarios, including using multiple routing protocols between the PE and CE devices.

I hope this has been helpful!

Laz

Hi Laz,

In the statement “Do you want to give customer B access to the networks behind CE3 of customer A? Just import and export some RTs and it’s done.” How is it configured?

Thanks
Ariel

Hello Ariel

This particular lesson describes the MPLS Layer 3 VPN configuration in theory. If you want to see how it can practically be implemented, take a look at the very next lesson in the series:

There you will get the answer to your question, and a whole lot more. The subsequent lessons further describe how to configure MPLS L3 VPN with various routing scenarios and options.

I hope this has been helpful!

Laz

Hello, everyone!

I’ve gone over this article several times and I am kind of still confused… Especially when it comes to RDs and RTs.

Following this topology

PE1 advertises the 192.168.1.0/24 prefixes to PE2 and PE2 has no clue to which customer this is destined for. Rene then said that RDs can be used to create unique prefixes.


Yet after creating unique prefixes PE2 still doesn’t know which customer to send it to, so we need RT?

This is the part that confuses me. Why are both RT and RD needed? Why can’t we just use one that will be able to tell the router which VRF the prefix is destined for?

Why couldn’t we just say
“Hey, everything identified by RD 113:10 should be sent to VRF-A”.

I’ve gone through a lot of explanations on the internet and it still confuses me a bit because I’m having trouble visualizing it. Could someone explain this to me?

Thank you in advance.

David

Hello David

Indeed, the roles of RTs and RDs and the difference between them are not that simple to understand.

Route Distinguishers are used to allow PE routers to determine to which customer a particular prefix belongs.

Route Targets are used to allow PE routers to control the distribution of VPN routes to the appropriate VRF.

Take a look at the following NetworkLessons notes for more details, and if you have further questions feel free to ask!

This post may also be useful:

I hope this has been helpful!

Laz

Hi Rene,

I am having trouble understanding the difference between RT and VPN label. The lesson mentions: “We use something called a RT (Route Target) to decide in which VRF we import and export VPNv4 routes.”

If we have RT, why do we need a VPN label? If both RT and VPN labels are advertised from PE1 to PE2, why do we need VPN label?

Hello Janhavi

The concept of RTs and VPN labels can get confusing. The distinction between the roles of VPN labels and RTs in MPLS L3 VPNs essentially boils down to the separation of control plane and data plane functionalities.

  • VPN Labels are used in MPLS to forward data packets over an MPLS network and to identify to which VPN the packet belongs. As such, VPN labels operate in the data plane. They involve the forwarding of the actual user data across the network.
  • Route Targets (RTs) control the import and export of VPN routes between PE routers. As such, RTs operate on the control plane. An RT can be thought of as a tag or a stamp that is attached to a VPN route when it is exported from a VRF on a PE router. Other PE routers will use this RT to determine if they should import the route into one of their VRFs. This process has to do with the exchange of routes to populate the correct routing table in the correct VRF.

While it might seem redundant to have both VPN labels and RTs, this separation provides robustness, flexibility, and scalability to MPLS L3 VPNs. Does that make sense?

I hope this has been helpful!

Laz

Hello,

Why did the P router change the label to 16 and not 19?

Hello Karen

Labels in an MPLS topology are assigned dynamically using LDP. There is no specific meaning to each label; however, the labels have only local significance. So if during a label swap, a particular number is used instead of another, it really makes no difference.

I was looking at the lesson and I was unable to find the instance where a label of 16 was assigned instead of 19. If I have not sufficiently answered your question, can you clarify what particular situation in the lesson you are referring to?

I hope this has been helpful!

Laz

Thanks Lazaros for the response,

So when you say dynamically, you imply that the label number can be random? It could be 19 or it could be 25?
I just thought that it starts with 16 and is always swapped with the next digit, for example 16, then 17, then 18, 19, etc…

Hello Karen

Well, it’s not quite random, but it is definitely not sequential. Label swapping is a fundamental part of MPLS operation, but the label numbers used in this process are determined by each router independently and are based on their local label information base (LIB), rather than following a sequential order.

Keep in mind that each router in the network independently assigns labels for the routes it knows about. This assignment is based on the router’s local policies and the label space available to it.
As a result, the label numbers assigned by different routers for the same destination are usually different and do not follow a sequential pattern.

As a packet traverses an MPLS network, each router along its path swaps the incoming label with a new label before forwarding the packet to the next router. This swapping process is based on the router’s label forwarding information base (LFIB), which contains mappings of incoming labels to outgoing labels and next hops. The outgoing label is chosen by the router to ensure proper forwarding along the predetermined path, but it is not related to the incoming label in a sequential manner.

I hope this has been helpful!

Laz

Let’s say on one PE router, I have 2 customers A & B.

And I have MPLS L3 VPNs configured. So if customer A advertises 10 different routes to the PE, will the PE create 10 different VPNv4 labels or will it use one single VPNv4 label?

Hello Kiran

In MPLS L3 VPNs, each route received by the PE router from a customer will be assigned a unique VPNv4 label. So, if customer A advertises 10 different routes to the PE router, the PE router will create 10 different VPNv4 labels, one for each route. This is because the PE router needs to keep track of each individual route separately for forwarding purposes. This process is essential for maintaining the isolation between different VPNs on the same PE router.

I hope this has been helpful!

Laz

Hi team,

I have a question regarding the RT and the VPNv4 label.
For any prefix, the RT is used so that the desired VRF gets to know that this prefix is a part of itself. And the VRF will deliver the packet to the right destination.
What actually is the use of the VPN label here?

Hello Hilal

The VPN label, or more correctly the VPNv4 label, is actually an MPLS label that is used to segregate traffic from different VPNs and to ensure that packets reach their intended VPN destination.

When a packet enters the MPLS network, the ingress PE router assigns two labels to the packet. The top label, also known as the transport label, is used by the P routers in the MPLS core to forward the packet to the correct egress PE router.

The second label, or the bottom label, or the VPNv4 label, is used by the egress PE router to forward the packet to the correct VPN. This label helps in identifying the VPN to which the packet belongs, especially in scenarios where the same IP address space is used in multiple VPNs. The VPNv4 label is used in the data plane.

The RT however is used for VPN membership identification during the route exchange process. This takes place on the control plane. Does that make sense?

I hope this has been helpful!

Laz
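
The two-label forwarding described in the answer above, together with the earlier answer on label swapping, traced hop by hop as an added example that is not part of the original thread: the P routers swap only the top (transport) label according to their own LFIB, and the egress PE uses the untouched VPN label to pick the VRF for an overlapping prefix. The PE1 → P1 → P2 → PE2 path, every label value, the CE names and the `forward` function are constructed, and penultimate-hop popping is not modelled.

```python
import ipaddress

# Constructed topology PE1 -> P1 -> P2 -> PE2; all label values are made up.
# Ingress PE1: per-VRF routes already learned through VPNv4 (control plane).
PE1_VRF = {
    "CUST_A": {"192.168.1.0/24": {"vpn_label": 30, "egress": "PE2"}},
    "CUST_B": {"192.168.1.0/24": {"vpn_label": 31, "egress": "PE2"}},
}
PE1_TRANSPORT = {"PE2": (17, "P1")}   # label P1 assigned for PE2, and next hop
# LFIB of each core router: incoming top label -> (outgoing label, next hop).
LFIB = {"P1": {17: (22, "P2")}, "P2": {22: (16, "PE2")}}
# Egress PE2: its own transport label and the VPN labels it allocated per route.
PE2_TRANSPORT_LABEL = 16
PE2_VPN_LABELS = {30: ("CUST_A", "CE-A2"), 31: ("CUST_B", "CE-B2")}

def forward(vrf, dst_ip):
    """Trace one packet from PE1 to the customer router behind PE2."""
    dst = ipaddress.ip_address(dst_ip)
    match = next((r for p, r in PE1_VRF[vrf].items()
                  if dst in ipaddress.ip_network(p)), None)
    if match is None:
        return [("PE1", "drop: no route in VRF " + vrf)]
    top, hop = PE1_TRANSPORT[match["egress"]]
    stack = [top, match["vpn_label"]]          # [transport, VPN]
    trace = [("PE1", list(stack))]             # stack as sent by each router
    while hop in LFIB:                         # P routers read the top label only
        entry = LFIB[hop].get(stack[0])
        if entry is None:
            return trace + [(hop, "drop: unknown label")]
        stack[0], nxt = entry                  # swap; the VPN label is untouched
        trace.append((hop, list(stack)))
        hop = nxt
    if stack[0] != PE2_TRANSPORT_LABEL or stack[1] not in PE2_VPN_LABELS:
        return trace + [(hop, "drop: unknown label")]
    return trace + [(hop, PE2_VPN_LABELS[stack[1]])]   # (VRF, customer router)

if __name__ == "__main__":
    for customer in ("CUST_A", "CUST_B"):
        print(customer, forward(customer, "192.168.1.10"))
```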