Detection of MPLS L3 VPN Misconfiguration [R C Hansdah, CSA]

Misconfigured MPLS L3 VPNs violate customer’s privacy and security. With Multi-VRF feature on the CE, it is now possible to support multiple routing domains. A CE device in redundant configuration having multihomed connections to PE routers adds to the complexity, thus increasing the reasonable probability of misconfiguration. In this work, we extend the MINA algorithm using a heuristic-based approach to detect misconfiguration in Multi-VRF, Multi-homed, site-redundant CE environments. We effectively utilize both control-plane and data-plane information to detect one-way and discover two-way RT misconfiguration. The proposed heuristic method (NAMDIM) can further detect the probable location/site and of this misconfiguration.

References:

P. D. Ojha and R. C. Hansdah, “A Heuristic Approach to Detect MPLS L3 VPN Misconfiguration in Multi-homed Multi-VRF Site-redundant CE Environments”, IEEE Transactions on Network Service and Management, Vol. 18, No. 2, June 2021, pp. 2294-2307.

Website: https://doi.org/10.1109/TNSM.2020.3009301

Click image to view enlarged version

Scroll Up