A method and apparatus for identifying virtual private networks (VPNs) in a network of a
service provider. The method and apparatus includes generating a VPN routing forwarding—
route target (VRF-RT) table for the network. From the VRF-RT table, at least one of a VRF-VRF table and a VRF
connectivity graph is generated. From the VRF-RT table, a set of atomic full-mesh components are identified, and from the at least one of a VRF-VRF table and a VRF
connectivity graph, at least one set of other types of VPN components are identified, such as atomic single hub-and-
spoke components, molecular multi-hub-and-
spoke components, composite full-mesh components, composite single hub-and-
spoke components, and / or composite multi hub-and-spoke components.