VPN Support
An NTP client must communicate with an NTP server and peers where the server is deployed on a virtual private network (VPN), irrespective of IP networks. VPN is a computer network that is implemented in an additional software layer (overlay) on top of an existing network. This creates a private scope of computer communications or provides a secure extension of a private network in an insecure network, such as the Internet.
VPN can also be used to link two separate networks over the Internet and operate as a single network. This is useful for organizations that have two physical sites. Rather than setting up VPN connections on each PC, the connection between the two sites can be handled by devices, one at each location. After the configuration is complete, the devices maintain a constant tunnel between them that links the two sites. The links between nodes of a VPN are formed over virtual circuits between hosts of the larger network. VPNs are often deployed by organizations to provide remote access to a secure organizational network.
Figure 1shows VPN support.
Customer edge (CE): physically deployed at the customer site that provides access to VPN services.
Provider edge (PE): a device or set of devices at the edge of the provider network and provides a customer site view. PEs are aware of the VPNs that connect through them and maintain the VPN status.
Provider (P): a device that operates inside the core network of the service provider and does not directly connect to any customer endpoint. It is a part of implementing the provider-provisioned virtual private network (PPVPN). It is not aware of VPN and does not maintain the VPN status. VPN is configured on the interfaces on the PE devices that connect to the CE devices to provide VPN services.
