The Need for MPLS WAN Layer 3 Visibility

L3 MPLS VPN services are often viewed by enterprises as IP-enabled replacements for traditional Frame Relay WAN services that allow for a more cost-effective site-to-site connectivity. Yet L3 MPLS VPNs introduce a completely new aspect of WAN service delivery that is ignored by Service Provider SLA’s and invisible to traditional enterprise network management systems - IP routing. When enterprises take advantage of L3 MPLS VPNs, they are relying on the Service Provider not only for connectivity and traffic delivery, but also for proper IP backbone routing between the VPN-connected sites. This includes ensuring that easily misconfigured routing between the enterprise’s Customer Edge (CE) routers and the Service Provider‘s Provider Edge (PE) routers is stable and compliant with the enterprise’s specified routing policies, as well as maintaining accurate exchange of critical IP network reachability information across the VPN between all connected sites. Since enterprises have no routing visibility into the VPN network connecting their sites, network managers are forced to carry out monitoring and troubleshooting processes without any knowledge of the outsourced IP routing service that comprises their WAN.

The importance of proper routing and reachability as managed aspects of a L3 MPLS VPN network cannot be underestimated. It is possible for all WAN interfaces to be reported as “up” using traditional management techniques, yet enterprises can experience down or unstable VPN routing, site-to-site IP reachability outages, compromised routing policies, route leakage from other VPNs, and even entire VPN failures that go undetected by traditional network management systems, yet severely impact application traffic delivery.