Network based IP VPN Architecture Using Virtual Routers

Document Type Expired Internet-Draft (individual)
Authors Hamid Ould-Brahim  , Bryan Gleeson  , Gregory Wright  , Timon Sloane  , Richard Bach  , Rick Bubenik  , Alan Young  , Jessica Yu 
Last updated 2001-03-02
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This draft describes a network based VPN architecture using virtual routers. The VPN service is built based on the virtual router (VR) concept, which has exactly the same mechanisms as a physical router, and therefore inherits all existing mechanisms and tools for configuration, operation, accounting, and maintenance. Within a VPN domain, an instance of routing is used to distribute VPN reachability information among VR routers. Any routing protocol can be used, and no VPN-related modifications or extensions are needed to the routing protocol for achieving VPN reachability. Virtual routers can be deployed in different VPN configurations, direct VR to VR connectivity through layer-2 or by aggregating multiple VRs into a single VR combined with IP or MPLS based tunnels. This architecture accommodates different backbone deployment scenarios, e.g. where the service provider owns their own backbone, and where the service provider obtains backbone service from one or more other service providers.


Hamid Ould-Brahim (
Bryan Gleeson (
Gregory Wright (
Timon Sloane (
Richard Bach (
Rick Bubenik (
Alan Young (
Jessica Yu (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)