Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

How does the Inter-AS MPLS VPN feature work?

Core Issue

The Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) architecture provides service providers with a peer-to-peer model that combines the best features of overlay and peer-to-peer models. Prior to the introduction of the Inter-Autonomous System (Inter-AS) MPLS VPN feature, customer sites had to be connected to a single service provider AS. 

This feature allows a VPN to cross more than one service provider backbone. It enables VPN sites to be connected across multiple service providers using different AS numbers and makes confederations possible within a service provider backbone. This optimizes internal Border Gateway Protocol (iBGP) meshing.


In a normal MPLS VPN scenario, the Customer Edge (CE) routers are connected to the Provider Edge (PE) routers in the same AS. The PE routers exchange VPN routes by using multiprotocol iBGP. This carries the 96-bit VPN version 4 (VPNv4) addresses along with route targets and the associated VPN label.

However, with the Inter-AS MPLS VPN feature, the CE routers are connected to PE routers in a different AS. The PE routers exchange VPN routes with the AS border router in the same AS using multiprotocol iBGP. The AS border routers of the different AS exchange VPN routes using multiprotocol external Border Gateway Protocol (eBGP).

For MPLS VPN to work properly, the VPN label must be allocated by the router. This router is indicated by the next-hop attribute of a route. In BGP, the next-hop attribute of a prefix is changed by a router when it advertises to a neighbor using eBGP. With the Inter-AS MPLS VPN feature, the next-hop address of a VPN route is changed by the AS border router. This occurs when the VPNv4 address is advertised to the border router of the neighboring AS. This is done through multiprotocol eBGP, along with a new label for the route.

The AS border router binds the new label with the label received for the same route. This is done from the PE router that originally advertised the prefix using multiprotocol iBGP and is called Label Switch Path (LSP) stitching. When the AS Boundary Router (ASBR) receives MPLS packets with the specially assigned label, it forwards the packets into the LSP that reaches the final destination. LSP stitching is used in MPLS VPN whenever the BGP next-hop attribute is changed. LSP stitching is done even when next-hop-self is configured for multiprotocol iBGP sessions. The Inter-AS MPLS VPN feature can also be used to divide an individual AS into a multiple sub-AS by using confederations to overcome iBGP full mesh requirements.

For more information about this feature with configuration commands and examples, refer to these documents:

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 06:13 PM
Updated by:
Labels (1)