The PE router provisions the customer circuit as a logical unit towards the CE device within a VRF that’s created for each CE device. The PE provisions four elements for each CE site; local site ID, logical interface, interface encapsulation and a label base. The label base is used to associate inbound traffic with the locally provisioned circuit. Based on this process the PE receives MP-BGP NLRI updates from remote sites with their information for their circuits which would contain remote site ID, remote label base and layer 2 encapsulation.
The VPN NRLI is a subset of the information contained as a connection table in each VRF. One VPN NRLI is sent per VPN site and combination of local and remote NLRI information allows the PE to map traffic and circuits across the LSPs connecting the PEs together.
The following process allows the PE routers to exchange NRLIs and map labels to local circuits within their VRF connection tables. For a single circuit both PEs send NRLIs to each other with their respective label base, block, offset and site id. For auto provisioning the order in which the circuits are provisioned towards the CE is important as labels are allocated locally from the label block in order of circuit.
To provision the L2 VPN the following must be met :
- A VRF is configured for each local CE site
- Import and export route targets are configured
- A site id must specifically identify the local site in context of that particular VPN
- A label range (or label block) is defined (this defines the maximum number of CE devices remotely connected by the L2 VPN)
- The label base is defined and assigned to the first sub interface ID. The router reserves at set of contiguous labels that are defined by the label range/block
- Sub interfaces are configured and a label from the label block is assigned contiguously to each sub interface and advertised outwards to remote VPN members (VLANs)
One VPN can connect many sites together using multiple interfaces towards each CE and then adding them to the VRF configuration as a site.
Layer 2 NRLI :
One NRLI is sent per label block. Contains a circuit status vector that can detect a failure within a specific local circuit. When a circuit is detected as failed a BGP NRLI is sent to the remote PE to inform them that the remote PE to CE circuit has failed.