Don't allow the term to confuse you. Overlay Networks are nothing new and have evolved over time; it's just a matter of understanding the operation. Today MPLS is the most prominent and the advantages are clear!
There have been two primary VPN models that have been used by Service Providers:
- The overlay model - where the service provider provides emulated leased lines to the customer. The overlay model typically uses the virtual circuits of a Frame Relay or ATM service. The overlay model has advantages such as permitting the duplication of addresses and the isolation of the control and security planes.
- The peer-to-peer model - where the service provider and the customer exchange Layer 3 routing information and the provider relays the data between the customer sites on the optimum path between the sites. Layer 3 MPLS VPNs permit the creation of a peer-to-peer model with many of the advantages of the overlay model, such as the duplication of addresses.
Hi Scott, your explanation for the term overlay really makes sense. I was reading your response on the other thread regarding SONET.
And you commented on that link that MPLS is overlay, then I found another post of yours that clears the dark clouds of my understanding for the term overlay.
Thank you so much.
I just hope one day, when Cisco wants you to write a book, that you will do the same: stick to the point and keep the explanation as clear as crystal water.
Because some of the authors of Cisco books will drive you around in circles before you get the idea, when in fact it is just a very small matter.
Anyway, I think that's how marketing strategy works.
To the original poster, I don't really mean to hijack this post.
But I can't find a way to thank Scott except to do this. Thanks again Sir Scott.
Well... as much as I respect Scott and everything he has achieved and contributed to so many CCIEs, I have to respectfully disagree with MPLS being an ‘overlay network’ and agree with Anthony Sequeira. It is all about who you peer routing with. Frame-Relay is an overlay network because the provider does not participate in customer routing. MPLS is a ‘peer-to-peer’ model network because the provider does participate in customer routing.
It's ok to disagree with me. However, that just means that I have to do a better job of explaining things. Anthony's explanation of SP models was how they used to do things from an architectural point of view but not necessarily having to do with logical function. Although even he mentions the L3VPN part of using the overlay to create the peer-to-peer!
At a base level... Forget about details... The term "overlay" simply means to function on top of something else. In other words, take away the base level and your overlaid stuff can't work. MPLS is an example of that.
Your service provider has an IP network that is only usable/reachable inside their own devices. On TOP of that, MPLS is running. Take away the base IP network, and MPLS/LDP/BGP/etc cannot function. Hence MPLS is an overlay.
You have some examples within MPLS of Layer3 VPNs and Layer2 VPNs. Each of those is an overlay as well. Again, take away IP base or even MPLS and those cannot function by themselves. Yet they serve to create connections between companies and sites that will emulate a peer-to-peer network. And yet they are still an overlay!
It's complicated. No doubt about it. But you have to think of the LAYERS upon which you build a network in order to achieve your end result of "virtually private peer-to-peer-like" functionality yet over a common (shared) core network.
In your last post arguing that L3 VPNs are peer to peer, I think you may need to read a bit more about how BGP works within the IPv4 VRF address families as well as the VPNv4 address families on the SP side in order to make that work. Again, without the base, the transport will not exist.
*Trying to understand everyone's point of view here and also some of the Literature, I humbly write the following (with a few quotes from the answers above)*
What is an Overlay?
Overlay simply means to function on top of something else. In other words, if you take away the base, the overlaid stuff cannot work. So the Layer 2 is overlaid on top of Layer 1 etc.
But an Overlay Network means that a Network is overlaid on top of another Network. (Let us define an Overlay Network as the following)
An Overlay Network is a Network that changes the existing behavior of the Base Network to achieve some goals like more efficient use of the Links etc.
What this means, is that even without the Overlay Network, the Base Network has the perfect capability to carry a packet from the Source to the Destination. But some technologies like MPLS etc aim to change this default behavior of the Base Network to achieve some goals.
In this sense, MPLS*, Segment Routing etc. all are Overlay Networking Technologies.
A Peer-to-Peer Network is actually the Base Network. Here all Networking Routers be it Provider or Customer exchange Routing Information, and for any Packet they take independent Routing Decisions based on what they have learnt from the Routing Protocols. Now if you create Tunnels (like GRE) etc. on top of this Base Network you are altering the default behavior of the Network and hence you can call the Tunnel an Overlay Network. So in this sense you can also call a Virtual Circuit an Overlay.
Is MPLS* an Overlay Network?
Well MPLS with TE is definitely an Overlay Network, because like the definition of Overlay Network explains, MPLS TE changes the default behavior of the Network. But is MPLS L3VPN an Overlay? Well, it seems to be an Overlay because Private Addresses are NOT Routable over the Public Internet, however MPLS VPN Solutions allow you to do that. In that sense, MPLS VPN is also an Overlay Network since you are changing the default behavior of Network again (However this argument is not as strong as the one for TE).
However, some literature* explains (and rightly so) that MPLS L3VPN or L2VPN is NOT an Overlay VPN but it is a Peer-VPN Solution. This is because it defines the term Overlay Network a bit differently. Here they define an Overlay Network as a Network where Customer Routers directly Peer with other Routers in a remote site and NEVER with the Provider. The Provider simply leases a Virtual Circuit to the Customer, and the Customer exchanges Routing Information between itself.
Here the Service Provider never sees the Customer Routes.
Now in Peer-VPN this is what happens =>
In the peer-to-peer VPN model, the service provider routers carry the customer data across the network, but they also participate in the customer routing. In other words, the service provider routers peer directly with the customer routers at Layer 3. The result is that one routing protocol neighbourship or adjacency exists between the customer and the service provider router. So here the Service Provider knows about the Customer Routes.
So according to this Literature, MPLS L3VPN is NOT an Overlay BUT it is a Peer-VPN Solution. However we can all agree that MPLS TE is an Overlay. So let us keep all this in mind, but for the sake of a consistent meaning of terms let us define the following =>
- MPLS TE is an Overlay Network.
- MPLS VPN is a Peer-VPN Solution.
Literature* => MPLS Fundamentals book by Luc De Ghein and MPLS Enabled Applications.
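
The thread's two distinguishing points about L3VPN (the provider router holds customer routes, yet duplicate customer addresses remain isolated) can be seen in a small model. This is an added example, not part of any post above; the router names, VRF names, route distinguisher and route target values, and prefixes are all constructed for illustration.

```python
from ipaddress import ip_network

class PE:
    """Toy provider-edge router: one routing table per customer VRF."""
    def __init__(self, name):
        self.name = name
        self.vrfs = {}  # vrf name -> {"rd", "rt", "routes": {prefix: next hop}}

    def add_vrf(self, vrf, rd, rt):
        self.vrfs[vrf] = {"rd": rd, "rt": rt, "routes": {}}

    def learn_from_ce(self, vrf, prefix, ce):
        # Peer model: the PE peers with the CE and installs the customer route.
        self.vrfs[vrf]["routes"][ip_network(prefix)] = ce

    def export_vpnv4(self):
        # Each VRF route becomes (RD, prefix) in the provider's VPNv4 table,
        # so identical customer prefixes stay distinct inside the core.
        return [{"rd": v["rd"], "prefix": p, "rt": v["rt"], "next_hop": self.name}
                for v in self.vrfs.values() for p in v["routes"]]

    def import_vpnv4(self, updates):
        # A VRF only imports updates carrying its own route target.
        for u in updates:
            for v in self.vrfs.values():
                if u["rt"] == v["rt"]:
                    v["routes"].setdefault(u["prefix"], u["next_hop"])

def build_demo():
    pe1, pe2 = PE("PE1"), PE("PE2")
    for pe in (pe1, pe2):
        pe.add_vrf("CUST_A", rd="65000:1", rt="65000:100")
        pe.add_vrf("CUST_B", rd="65000:2", rt="65000:200")
    # Constructed routes: both customers use the same private prefix at site 1.
    pe1.learn_from_ce("CUST_A", "10.1.0.0/24", "CE-A1")
    pe1.learn_from_ce("CUST_B", "10.1.0.0/24", "CE-B1")
    pe2.learn_from_ce("CUST_A", "10.2.0.0/24", "CE-A2")
    updates = pe1.export_vpnv4()
    pe2.import_vpnv4(updates)
    return pe1, pe2, updates

if __name__ == "__main__":
    _, pe2, updates = build_demo()
    for u in updates:
        print(u["rd"], u["prefix"], "rt", u["rt"], "via", u["next_hop"])
    for name, vrf in pe2.vrfs.items():
        print("PE2", name, {str(p): nh for p, nh in vrf["routes"].items()})
```

In the overlay (leased virtual circuit) model described in the thread, none of these customer prefixes would appear in any provider table, because the customer routers would peer only with each other.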