> Assume I have a configuration like this -
>
> ip vrf VPN-A
> rd 100:1
> route-target export 100:1
> route-target import 100:1
>
> 1. The route-target here implies that routes belonging to VRF-A with RD of
> 100 will be exported, & routes belonging to RD 100 will be imported, Now
> if RD's have local significance, how will the source which exchanges
> routing information with this router be identified.
>
I think you have route distinguisher (RD) and route target (RT)
confused.
RD is used *only* to differentiate routes by the BGP decision
process. Look at it this way:
- currently, BGP picks the single best path to a destination based on
network number and mask length in a particular advertisement.
- this means that if a route-reflector sees two routes for 10.0.0.0/8,
it will pick its favorite and reflect that route down to its clients.
- if you have multiple VPN customers who don't talk to each other, it
is perfectly legal for them to use the same rfc1918 space in their
network
- if you route-reflect VPN routes, and your route decision process is
only based on network & mask, and if you have two advertisements for
10.0.0.0/8 floating around your network, only one will get picked and
the other will get dropped.
- Route Distinguisher (RD) is used so that, when comparing vpnv4
routes, you no longer only look at network and mask. For two routes
from two different sources to be considered the "same", they have to
have the same network, mask, and RD. So if I have two advertisements
for 10.0.0.0/8, but with two different RDs, then vpnv4 bgp compares
these routes as 100:1:10.0.0.0/8 and 100:2:10.0.0.0/8 (where 100:1 and
100:2 are your RDs). Therefore, the routes are unique, and both are
propagated to all vpnv4 RR clients.
> Because in the BGP configuration, when I set up an IBGP session with an
> internal PE router which may be catering to multiple VPN clients, how will
> I ensure which RD routes are exchanged or exported to which RD (VPN), Or
> else is the VRF identifier globally significant, which is taken into
> consideration while exchanging routes.
>
ensuring the RD is globally significant is an administrative issue,
just like any other address assignment.
> 2. I am still unclear on how the Core routers, who do not share VPN route
> information do forwarding, becos when a core router recieves a packet from
> a VPN source (Private IP address space) destined for another private
> address space, how will it decide on forwarding, because there would be no
> entry in its routing table.
>
the whole point of doing vpns like this with mpls is that you forward
on something *other* than destination ip address. the vpn edge
routers (PE) put a mpls label on the packet (learned via ldp or rsvp)
to get the packet to the exit-point PE. core routers just forward
based on these labels.
eric
> Kindly adviceds
>
> Thanks & Kind regards,
> Vinod.
>
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:18 EDT