The MPLS WG Archive

["Alexander Marhold" <alexander@marhold.at>]

Elwin wrote:
>However, section 1.4 in 2547bis-02 confuses me. It
>states that, so long as the overlapping part of the
>address space does not belong to any of the sites
>which the two VPNs have in common, it should not be
>ambiguous.
>
>Take for example:
>
>VPN-1 = site1, site2, site3
>VPN-2 = site1, site4
>
>Let's assume site2 and site4 have overlapping
>addresses. When a packet destined for a host in site4
>originates from site1, is looked up in PE, how is the
>VRF able to choose between site2 and site4?
>
>Am i missing something here?

YES and NO, but it is not easy to detect
the simple answer is, that you must decide which addresses you will allow 
to enter site1 vrf, so for the overlapping addresses you should decide to
either not import them on site1 at all, or only from site2 and NOT from 
site 4 or vice versa.

Excerpt from DRAFT:
   If two VPNs have no sites in common, then they may have overlapping
   address spaces.  That is, a given address might be used in VPN V1 as
   the address of system S1, but in VPN V2 as the address of a
   completely different system S2.  This is a common situation when the
   VPNs each use an RFC1918 private address space.  
   (In fact, two VPNs
   which do have sites in common may have overlapping address spaces, as
   long as the overlapping part of the address space does not belong to
   any of the sites which the two VPNs have in common.)

Seeing your point I would suggest to  rephrase it that way:
   In fact, two VPNs
   which do have sites in common may have overlapping address spaces, as
   long as the overlapping part of the address space does not belong to
   any of the sites which the two VPNs have in common ...
   ...and those overlapping addresses are not forwarded to shared sites 
   from more than one VPN.)