Internet Service providers (referred to as ISPs hereafter) currently provide Layer 3 Virtual Private Network (VPN) services to customers over the ISP's Multi-Protocol Label Switched (MPLS) networks. In such traditional inter-site VPN(s), the Customer Edge/Customer Premise Edge (CE/CPE) router peers with the ISP controlled Provider Edge/Provider (PE/P) routers in order to propagate enterprise subnets and/or aggregate routes into the operator WAN. The route propagation as well as traffic path management is driven by the operating ISP. ISPs are typically responsible for providing the quality of service (QoS) and guaranteed failover time for these services.
FIG. 1 illustrates one embodiment of the current network topology and method used to provide VPN services to customers over the ISP's MPLS networks. The CER 101, CER 102, CER 103 and CER 104 are customer edge (CE) routers and are part of the customer network. CER 101 is dual-homed with the provider edge (PE) routers PER 104 and PER 105, CER 102 is dual-homed with PER 106 and PER 107, CER 103 is dual-homed with PER 108 and PER 109. Although not illustrated, all of the PEs are connected to various routers in the ISP's core network 110. Various technologies like Multi-protocol label switching (MPLS) etc. may be used in the core network 110 which will help the providers achieve guaranteed QoS and failover time for their IP services. The core network 110 may include a number of provider (P) routers and route reflector(s) for the provider network. It is normally not required for the customer network to have a route reflector in its network for the VPN functionality. The network served by a CER are announced by the CER to its provider edge routers. These provider edge routers would propagate this information to other provider edge routers using MP-BGP. The data traffic originating in the customer network that is destined to remote site of the customer is encapsulated with a VRF label and sent to the remote PE. For example, when a station within site 144 residing in network NW 117 wants to communicate with another station residing in network NW 114 with site 143, the CE router 102 would forward the traffic to one of its PE router 107. The PE router 107 would then encapsulate this packet with a VRF label and a transport header. It would then send the traffic to the remote PE. In this example, it would arrive at PER 104. The PER 104 would then decapsulate the packet by removing any transport headers and the VRF label. It would then send the packet to the right CE router CER 101. The CER then would route this packet towards the destination network NW 114.