Abstract
One of the most common provider provisioned VPN technologies uses MPLS as a data plane for customer flow isolation and BGP as a control plane for routing between VPN sites. From a data plane perspective, such networks can provision hundreds of thousands of VPN sites. However, the BGP control plane is prone to scalability concerns. Some BGP routers in VPN backbones must handle routes for all the VPN sites that the provider connects. The number of sites can generate two million BGP routes in large VPN backbones, almost ten times the number of routes in a core Internet router. Prior work proposed solutions to evolve such networks. Yet, we argue that they fail to address the root cause of VPN routing performance issues. In this paper, we show that VPN routing scheme's poor scalability stems from the application to VPNs of a protocol originally designed for full routing, specifically the Internet. Rather than evolving the current standard based on BGP, we take a principled approach to rethink routing in large VPNs. We propose Two-Step VPN Routing, a new approach for scalable VPN routing. We validate our design choices and compare our approach to existing ones, using both BGP updates and router configurations collected from a large VPN provider.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
