1
Introduction
2 Scope
3 References
3.1 Normative references
3.2 Informative references
4 Abbreviations
5 Network-based IP VPN over MPLS
reference model
6 Service definition
6.1 Functional definition of a
"network-based IP VPN (over MPLS)"
6.2 Quantitative definition of a
"network-based IP VPN (over MPLS)"
7 Service requirements
7.1 Multi-vendor interoperability
7.2 Service management capabilities
7.2.1 Network connectivity
7.2.2 Service monitoring
7.2.3 Security management features
7.2.4 SLA and QoS management features
7.3 Security functions
7.3.1 Introduction
7.3.2 VPN isolation
7.3.3 VPN user identification
7.3.4 VPN user authentication
7.3.5 Securing the flows
7.3.6 Peer identification
7.3.7 Peer authentication
7.3.8 Site protection
7.4 Support of various Quality of
Service requirements
7.5 Support of various routing
protocols (at edge and core levels of the SP network)
7.6 Scalable routing capabilities
7.7 Auto-discovery
7.8 Support of various types of
customer IP traffic
7.9 Support of various VPN topologies
7.10 Support of various customer access
scenarios
7.11 CE access to PE
7.12 Addressing requirements and
support of various IP numbering schemes 7.13 Support of various service
deployment scenarios
7.14 Support of alliances of VPNs
7.15 The solution should allow
outsourcing of IP services (e.g. DNS, DHCP)
7.16 Reliability and fault tolerance
7.17 Efficiency (customer and network
resource utilization)
7.18 No dependency on the physical or
link layer of the Service Provider backbone
7.19 (Economically and technically)
smooth migration of customers from pre-existing VPN service offerings
7.20 Support of interworking functions between
MPLS-based VPN technology and other VPN technologies
7.21 Some numerical assumptions for a
network-based IP VPN Service Provider offering
7.22 A VPN solution may support the
following service requirements
8 Framework architecture
8.1 Learning customer-site
reachability information
8.2 Distributing VPN reachability
information
8.3 Constrained distribution of
routing information
8.4 LSP tunnelling establishment and
usage
9 Approaches for support of network-based
IP VPN services
9.1 BGP/MPLS VPN approach
9.2 Virtual Router approach
9.2.1 Virtual Router
9.2.2 VR‑based VPN architecture building blocks
9.2.3 VR-based VPNs deployment scenarios
9.2.4 VPN reachability determination
9.2.5 VPN membership and topology determination
9.2.6 Operations and management
9.2.7 Security considerations
9.2.8 VPN Quality of Service
9.2.9 Scalability
9.2.10 Hierarchical relationship between VR-based VPNs
10 QoS approaches
10.1 "Point-to-Cloud" SLS
10.2 "Point-to-Point" SLS
10.2.1 "Point-to-Point" SLS via resource allocation policies
10.2.2 "Point-to-Point" SLS via resource allocation policies and
additional mechanisms (explicit in-band admission control, constraint-based
routing)
10.3 "CoS transparency" 11 Inter-Autonomous System (Inter-Service Provider) VPN
12 Interworking
12.1 Interworking
between different solutions
12.1.1 Motivation for interworking among MPLS VPNs
12.1.2 Assumptions
12.1.3 Functional capabilities for interworking among MPLS VPNs
12.2 Service interworking with other
VPN architectures
Annex A - MPLS VPNs over non-MPLS core network
infrastructures
Appendix I - Examples
of service interworking with other VPN architectures
Appendix II - Bibliography