...
Thanks to VPN-Proxy, MD-VPN service is also capable to deliver its services (L3VPN, point to point layer 2 circuit (i.e. Point-to-Point L2VPN), Multi-point L2VPN) in the same way as L3VPN and GÉANT plus service (i.e. IP packets over a BGPs peering and a VLAN for layer 2 circuit). The usage of VPN-Proxy allows to connect NRENs that are not MPLS enabled.
Difference between the GÉANT VPN services
The purpose of GÉANT plus, L3VPN and MD-VPN GÉANT service are to provide a private interconnection amongst common research and education network users (collaborating on a single research project).
These services as all services delivered by GÉANT will be not used by NRENs directly but delivered by the NRENs or the Regional Network (RN) to end-users. From the end-users point of view these services delivered are the same but from the NREN point of view these services are different in the way that GÉANT delivered them to the NREN and in the border of service. GÉANT plus and L3VPN deliver their service at the border of GÉANT whereas MD-VPN aims to provide the service at end user site (end-to-end service).
Figure 3: MD-VPN service scope
The other important difference is the features that are provided by different services.
Table 1: feature comparison
Features | GÉANT Plus | L3VPN | MD-VPN |
---|---|---|---|
L3VPN | x | x | |
Point-to-point circuits / P2P L2VPN | x | x | |
Point-to-point circuits / P2P L2VPN | x |
MD-VPN Benefit
MD-VPN is an added value services for GÉANT, NRENs and end users
Benefit for end-users
- MD-VPN aim to facilitate educational and research international collaboration establishment
- MD-VPN offers a safer environment for education and research network
Mitigate the risk by providing a closed network for science collaboration;
Save security CAPEX (avoiding firewall) and OPEX on end-users site;
High network performance by avoiding firewall usage;
- MD-VPN provide a bundle of useful services (L3VPN IPv4/v6, P2P L2VPN, multi-point L2VPN) that covers a wide scope of their user needs
Lead time to provision the VPN is very short;
Flexibility (all types of site can be connected, multiple access and path, MD-VPN can be stitched other VPN);
Benefit for NRENs and Regional Networks
- OPEX saving thanks to its VPN multiplex feature and by avoiding manual configuration between NRENs and GÉANT, and between NRENs and RN;
- NO CAPEX is required as it relies on standard already available in NREN routers;
- NRENs provides an original service that cannot be provided by commercial telecoms as MD-VPN is based on collaboration between domains;
- A new way for the NRENs to propose a bundle of useful services that covers a wide scope of their user needs