RFC 4364 - BGP/MPLS IP Virtual Private Networks (VPNs) (About Route Distinguisher)
…
4.1. The VPN-IPv4 Address Family
The BGP Multiprotocol Extensions [BGP-MP] allow BGP to carry routes
from multiple "address families". We introduce the notion of the
"VPN-IPv4 address family". A VPN-IPv4 address is a 12-byte quantity,
beginning with an 8-byte Route Distinguisher (RD) and ending with a
4-byte IPv4 address. If several VPNs use the same IPv4 address
prefix, the PEs translate these into unique VPN-IPv4 address
prefixes. This ensures that if the same address is used in several
different VPNs, it is possible for BGP to carry several completely
different routes to that address, one for each VPN.
Since VPN-IPv4 addresses and IPv4 addresses are different address
families, BGP never treats them as comparable addresses.
An RD is simply a number, and it does not contain any inherent
information; it does not identify the origin of the route or the set
of VPNs to which the route is to be distributed. The purpose of the
RD is solely to allow one to create distinct routes to a common IPv4
address prefix. Other means are used to determine where to
redistribute the route (see Section 4.3).
The RD can also be used to create multiple different routes to the
very same system. We have already discussed a situation in which the
route to a particular server should be different for intranet traffic
than for extranet traffic. This can be achieved by creating two
different VPN-IPv4 routes that have the same IPv4 part, but different
RDs. This allows BGP to install multiple different routes to the
same system, and allows policy to be used (see Section 4.3.5) to
decide which packets use which route.
The RDs are structured so that every Service Provider can administer
its own "numbering space" (i.e., can make its own assignments of
RDs), without conflicting with the RD assignments made by any other
Service Provider. An RD consists of three fields: a 2-byte type
field, an administrator field, and an assigned number field. The
value of the type field determines the lengths of the other two
fields, as well as the semantics of the administrator field. The
administrator field identifies an assigned number authority, and the
assigned number field contains a number that has been assigned, by
the identified authority, for a particular purpose. For example, one
could have an RD whose administrator field contains an Autonomous
System number (ASN), and whose (4-byte) number field contains a
number assigned by the SP to whom that ASN belongs (having been
assigned to that SP by the appropriate authority).
RDs are given this structure in order to ensure that an SP that
provides VPN backbone service can always create a unique RD when it
Rosen & Rekhter Standards Track [Page 13]
RFC 4364 BGP/MPLS IP VPNs February 2006
needs to do so. However, the structure is not meaningful to BGP;
when BGP compares two such address prefixes, it ignores the structure
entirely.
A PE needs to be configured such that routes that lead to a
particular CE become associated with a particular RD. The
configuration may cause all routes leading to the same CE to be
associated with the same RD, or it may cause different routes to be
associated with different RDs, even if they lead to the same CE.
4.2. Encoding of Route Distinguishers
As stated, a VPN-IPv4 address consists of an 8-byte Route
Distinguisher followed by a 4-byte IPv4 address. The RDs are encoded
as follows:
- Type Field: 2 bytes
- Value Field: 6 bytes
The interpretation of the Value field depends on the value of the
type field. At the present time, three values of the type field are
defined: 0, 1, and 2.
- Type 0: The Value field consists of two subfields:
* Administrator subfield: 2 bytes
* Assigned Number subfield: 4 bytes
The Administrator subfield must contain an Autonomous System
number. If this ASN is from the public ASN space, it must have
been assigned by the appropriate authority (use of ASN values
from the private ASN space is strongly discouraged). The
Assigned Number subfield contains a number from a numbering space
that is administered by the enterprise to which the ASN has been
assigned by an appropriate authority.
- Type 1: The Value field consists of two subfields:
* Administrator subfield: 4 bytes
* Assigned Number subfield: 2 bytes
The Administrator subfield must contain an IP address. If this
IP address is from the public IP address space, it must have been
assigned by an appropriate authority (use of addresses from the
private IP address space is strongly discouraged). The Assigned
Number subfield contains a number from a numbering space which is
administered by the enterprise to which the IP address has been
assigned.
- Type 2: The Value field consists of two subfields:
* Administrator subfield: 4 bytes
* Assigned Number subfield: 2 bytes
The Administrator subfield must contain a 4-byte Autonomous
System number [BGP-AS4]. If this ASN is from the public ASN
space, it must have been assigned by the appropriate authority
(use of ASN values from the private ASN space is strongly
discouraged). The Assigned Number subfield contains a number
from a numbering space which is administered by the enterprise to
which the ASN has been assigned by an appropriate authority.
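The encoding in Section 4.2, as an added Python example that is not part of the RFC or of this page: it decodes the 8-byte RD for types 0, 1 and 2, rejects undefined types and wrong lengths, and flags an Administrator subfield drawn from private space. The function names and sample values are hypothetical, and "private" is assumed to mean the RFC 6996 ASN ranges and the RFC 1918 address blocks.

```python
import ipaddress
import struct

# Assumption: "private" = RFC 6996 private-use ASNs and RFC 1918 address blocks.
PRIVATE_ASN = ((64512, 65534), (4200000000, 4294967294))
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private_asn(asn: int) -> bool:
    return any(lo <= asn <= hi for lo, hi in PRIVATE_ASN)


def parse_rd(rd: bytes) -> dict:
    """Decode an 8-byte Route Distinguisher: 2-byte type, 6-byte value."""
    if len(rd) != 8:
        raise ValueError(f"RD must be 8 bytes, got {len(rd)}")
    rd_type = struct.unpack("!H", rd[:2])[0]
    if rd_type == 0:      # 2-byte ASN, 4-byte assigned number
        admin, number = struct.unpack("!HI", rd[2:])
        private = is_private_asn(admin)
    elif rd_type == 1:    # 4-byte IPv4 address, 2-byte assigned number
        raw, number = struct.unpack("!4sH", rd[2:])
        admin = ipaddress.IPv4Address(raw)
        private = any(admin in net for net in PRIVATE_NETS)
    elif rd_type == 2:    # 4-byte ASN, 2-byte assigned number
        admin, number = struct.unpack("!IH", rd[2:])
        private = is_private_asn(admin)
    else:
        raise ValueError(f"undefined RD type {rd_type}")
    return {"type": rd_type, "admin": admin, "number": number,
            "private_admin": private}


def parse_vpn_ipv4(addr: bytes) -> tuple:
    """Split a 12-byte VPN-IPv4 address into (decoded RD, IPv4 address)."""
    if len(addr) != 12:
        raise ValueError(f"VPN-IPv4 address must be 12 bytes, got {len(addr)}")
    return parse_rd(addr[:8]), ipaddress.IPv4Address(addr[8:])


# Constructed sample data: one IPv4 address carried under three different RDs.
IPV4 = ipaddress.IPv4Address("10.1.1.1").packed
RD_A = struct.pack("!HHI", 0, 64496, 100)   # type 0, documentation ASN
RD_B = struct.pack("!H4sH", 1, ipaddress.IPv4Address("192.0.2.1").packed, 7)
RD_C = struct.pack("!HIH", 2, 4200000001, 5)  # type 2, private 4-byte ASN

if __name__ == "__main__":
    for rd in (RD_A, RD_B, RD_C):
        print(parse_vpn_ipv4(rd + IPV4))
```

The three 12-byte values share the same IPv4 part yet differ as byte strings, which is all BGP compares; the decoded structure only matters to the operator assigning RDs.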
…