CCIE SP MPLS FAQ: Virtual Private Network (VPN) Implementation Options
Figure: Typical Computer Network from 15 Years Ago
Q1. Name the two major implementation models that describe Virtual Private
Network (VPN) connectivity.
Answer: The Overlay model and the peer-to-peer, or network, model.
Q2. Name two possible business problems that can be solved by using a VPN.
Answer: Intra-company connectivity (intranet) and Inter-company connectivity (extranet).
Q3. In the peer-to-peer model, describe the difference between a C network and P network.
Answer: C network refers to the network infrastructure as managed by the VPN client. P network refers to the network infrastructure under control of the service provider.
Q4. Describe two advantages that the peer-to-peer model provides that the Overlay model does not.
Answer: Routing from a customer perspective becomes less complex because a routing adjacency must be maintained at only the entry the site-to-site traffic matrix. It’s simpler to add new sites because there is no need to provision virtual circuits between the sites.
Q5. Using the Overlay model, what is the formula to calculate the number of VCs required between a set of client sites if a full-mesh topology is deployed?
Answer: Number of VCs = [ (n – 1) * n) / 2 ] where n = number of attached devices.
Q6. List three technologies that provide IP-based Overlay VPN connectivity.
Answer: GRE, L2TP, and IPSec.
Q7. Why is the hub-and-spoke topology most often used when the Overlay model is deployed?
Answer: Primarily because of the cost of virtual circuits between sites. To reduce the cost of ownership, one or more hub sites are deployed with all spoke sites attaching through the hub sites.