Design and Implementation of MPLS Layer 3 VPN

Abstract

This paper presents a proposal for the construction and use of MPLS Layer 3 VPNs, with their design for interconnection of physical routers either without traffic redundancy or offering this quality. The incentive for the study and use of VPNs is given not only by the flexibility and privacy that these capabilities can offer to service providers and users, but mainly by the reduced cost they impose when compared to traditional circuits. The rapid growth of new protocols and solutions for implementing both the benefits of traffic engineering and quality of service offers the possibility of exploring noteworthy prospects for VPN implementation in the market scenario. The following topics cover the general design of MPLS Layer 3 VPNs, VPN feature interconnections, the implementation according to the test setup, and finally performance evaluation. The results are of critical importance for the benefits offered to service providers and users, and other events involved when adopting MPLS VPNs in their environments. The results also contribute to the conclusion that the implementation of MPLS VPNs is a migratory phase, given that the cost of an end-to-end VPN connection becomes smaller when we think about the capacity crunch issue in the production of optical equipment for the size of the CPE market.

Introduction

A Virtual Private Network (VPN) allows secure communication over a shared network, typically using the Internet Protocol (IP). While traditional private line VPNs are costly, technologies like IPSec and Multiprotocol Label Switching (MPLS) enable cost-effective and secure VPNs over shared infrastructure. IPSec adds IP-layer security but may degrade performance. MPLS, on the other hand, enhances Quality of Service (QoS) and supports efficient routing and traffic engineering, especially for large networks such as campus environments.

MPLS VPN Structure and Components

MPLS uses label-based routing instead of IP-based routing, allowing traffic separation across customer networks:

• CE (Customer Edge): Owned by the customer; connects to the service provider.

• PE (Provider Edge): Interacts with CE and maintains separate VRFs (Virtual Routing and Forwarding) for different customers.

• P (Provider): Core routers that forward MPLS-labeled packets without maintaining customer-specific information.

Label Distribution Protocol (LDP) and Resource Reservation Protocol (RSVP) manage label allocation for Label-Switched Paths (LSPs). RSVP is favored for real-time services requiring guaranteed bandwidth.

Layer 3 MPLS VPN Characteristics

• L3 MPLS VPNs separate customer traffic using VRFs and BGP extensions.

• PE routers exchange and forward customer routes without exposing them to the public Internet.

• Multiple VPNs can co-exist securely using route distinguishers and target import/export policies.

• Supports redundancy: CE-side, PE-side, and intra-PE.

Implementation and Deployment

• MPLS L3 VPNs are implemented using service provider routers (e.g., Cisco 7200/7206VXR).

• CE routers connect to PEs using routing protocols like OSPF or BGP.

• Lab implementations use spine-leaf topologies and simulation tools like GNS3.

• VRF and MPLS configurations ensure traffic isolation and efficient forwarding.

Purpose and Scope

The paper aims to design, configure, and evaluate L3 MPLS VPNs in simulated environments to understand performance and configuration trade-offs. The focus is on scalability, security, and adaptability for both enterprise and service provider networks.

Conclusion

Towards the end of this paper the study has been done in light of identification and clarification of the structure of MPLS VPN layer 3 and examination of sending traffic with layer 3 Probably L3 MPLS VPNs apply well to remote access in a VPN scenarios, the configuration occur on CE, PE, and P routers to support MPLS L3 VPN functionalities. The implementation of this paper was successfully done by using Graphical Network Simulation (GNS3) as a virtual lab with real cisco 7200 routers IOS images.

References

[1] M. O. Akinsanya, C. C. Ekechi, and C. D. Okeke, \"Virtual private networks (VPN): A conceptual review of security protocols and their application in modern networks,\" Engineering Science & ..., 2024. fepbl.com [2] H. Akter, S. Jahan, S. Saha, and R. H. Faisal, \"Evaluating performances of VPN tunneling protocols based on application service requirements,\" in *Proceedings of the Third*, 2022. researchgate.net [3] F. Abdullah, M. Z. Jamaludin, and M. N. Zakaria, \"Recent trends in MPLS networks: technologies, applications and challenges,\" IET, 2020. wiley.com [4] M. Biabani, N. Yazdani, and H. Fotouhi, \"Developing a Novel Hierarchical VPLS Architecture Using Q-in-Q Tunneling in Router and Switch Design,\" Computers, 2023. mdpi.com [5] K. Gaur, A. Kalla, J. Grover, M. Borhani, and A. Gurtov, \"A survey of virtual private LAN services (VPLS): Past, present and future,\" *Computer Networks*, Elsevier, 2021. sciencedirect.com [6] S. Troia, F. Sapienza, and L. Varé, \"On deep reinforcement learning for traffic engineering in SD-WAN,\" IEEE Journal on Selected Areas in Communications, 2020. polimi.it [7] S. Kumaran, S. Prasad, and N. S. Kumar, \"Implementation and performance analysis of traffic engineered multiprotocol label switching network for IPv6 clients,\" in Conference on Electronics, 2020. [HTML] [8] OZ Mustapha, YF Hu, and R Sheriff, \"Evaluation of bandwidth resource allocation using dynamic LSP and LDP in MPLS for wireless networks,\" Journal of Computing, 2020. researchgate.net [9] R. A. A. P. Soepeno, \"Comprehensive Network Analysis Through a Single Main Network Architecture,\" 2023. researchgate.net [10] NQ Tran, KDL Nguyen, and CDT Thai, \"Implementation and Evaluation of IPSec in an NFV-Based Network,\" in *International Conference on …*, Springer, 2023. [HTML] [11] I. Siddique, \"Comprehensive Network Architectures: Bridging Layer-2 Switching, Layer-3 Routing, and Emerging Digital Systems,\" 2020. ssrn.com [12] E. S. Hassan, A. E. A. Abdelaal, A. S. Oshaba, and A. El-Emary, \"Exploring Complex MPLS VPN Applications: Models and Implementations for Modern Communication Demands,\" 2023. researchsquare.com [13] C. R. Komala, M. Hema, and H. R. Goyal, \"Performance Evaluation of VPNS over MPLS-Linux Networks,\" in … on Advances in …, 2023. [HTML] [14] J. C. Mwape, \"Performance evaluation of internet protocol security (IPSec) over multiprotocol label switching (MPLS).,\" 2024. dspace.unza.zm [15] J. Jasmine and N. Yuvaraj, \"DSQLR-A distributed scheduling and QoS localized routing scheme for wireless sensor network,\" in Information Technology, 2022. researchgate.net [16] S. T. Aung and T. Thein, \"Comparative analysis of site-to-site layer 2 virtual private networks,\" in 2020 IEEE Conference on Computer, 2020. meral.edu.mm

Copyright

Copyright © 2025 Ahmad Kalifa Mohamad Hadod, Ashraf Khalifa M. Hadood. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.