Virtual Private Networks (i.e., VPNs) provide a secured means for transmitting and receiving data between network nodes even though a corresponding physical network supporting propagation of the data is shared by many users. Typically, the data transmitted between such network nodes (e.g., edge nodes of a service provider network) is encrypted to protect against eavesdropping and tampering by unauthorized parties. Because the physical network is shared, costs of using resources are generally reduced for each of many users.
A physical network such as a service provider network topology may include peripherally located provider edge routers, each of which couples to one or multiple customer edge routers. The customer edge routers, in turn, may couple to private local area networks associated with one or multiple customers. Typically, the service provider network selectively couples the local area networks to each other through links created between its provider edge routers. To support operation, the provider edge routers typically maintain Virtual Routing and Forwarding (VRF) information dictating how to route and forward traffic through the shared physical network to support corresponding VPNs for the different customers.
According to one conventional technique, a service network may be extended beyond provider edge nodes to customer edge nodes. For example, the connectivity model supported by RFC2547 generally enables any CE (Customer Edge) nodes to establish a link between each other for transmission of data messages between corresponding interconnected networks.