[c-nsp] Internet in VRF
Pshem Kowalczyk
pshem.k at gmail.com
Sun May 3 17:07:13 EDT 2015
+1 for Internet in a VRF.
I've deployed this sort of setup for a number of operators. Definitely
allows for much greater flexibility when it comes to services - everyone
had to run something more then just 'internet' to the sites (management,
corporate network, sometimes private VPNs). Not to mention the fact that
the global table only has to contain the links and loopbacks. It also
allows for easy separation of peerings in multi-lateral exchanges (when the
IX has own RRs to peer with) - separating those into VRFs makes sure no
ones can just use the network for transit. I always kept one 'Internet'
table that contained all transit providers and customers which required a
full table. Peering exchanges - VRF per exchange, customers that only
require a default route - into another (single) VRF. On top of that VRFs
for things like cache clusters, CDNs etc. A lot of that could be done using
'classical' methods, but I think using L3VPN makes this much easier to
manage. This internet could easily be provided out of low spec boxes (7200,
ME3600X, ASR903) using exactly the same method, even in unified-MPLS
topologies.
If the number of labels is a problem - most platforms can do label per vrf
or label per CE - that helps greatly.
kind regards
Pshem
On Mon, 4 May 2015 at 08:00 Mark Tinka <mark.tinka at seacom.mu> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> On 3/May/15 13:43, Gert Doering wrote:
> >
> >
> > "Plain IP routing" *does* provide fast convergence, btw, you just need
> > to run EIGRP :-) *duck and run* (yes, I'm aware that things have vastly
> > improved in link state protocol land in the past 10 years, and stuff like
> > LFA is now even better)
>
> I like this, and I know a large network in Japan that does exactly this
> too.
>
> The only reason I do MPLS is because of things like TE, NG-MVPN and l2vpn.
>
> This is why I do all my signaling in LDP, because RSVP is no fun. LDP
> does what IP does, and that is as pure as you will get IP in an MPLS land.
>
> Mark.
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBAgAGBQJVRn4aAAoJEGcZuYTeKm+GuFgP/jUHYR/+tswIGTz5E9r5D5aG
> 9xIEkjrfP2GcdDpx1Vx7zTDrmiKwJXxCYApo/lQek+RHVC8pyNzcSCtVddOW+gdM
> RBgD3/aFCIWxUwFvaNigwsekDIml2izPWQXCbtcn+g/2Ust5gCdCwCniA1TOfu13
> 8LHTZ28SarEFD2D2UVEh6MNcTlSimMuJJI7ooh7BlLGje/dvrfIAK445cwPBuB+j
> KdjnETVgkqI/5tpKyb0loU5gf7NLDM4kZg56mqjx0Y6RWn0HgHYDpVVF3pnsx0kt
> yraQk4i+OZkDUvik2WL30J5kQBPKA7BquHJ40jBGv/q2U/+L0OA7p34alh0RvMAO
> BYQvoSpvvqUeS37Qa/Fr3Pj76bQKFCBzfip8RbgGHqP8jTT5DwI5Foz8Qmlg+x8k
> 3TzIhueSmPawVl2Ab2JtjNWIwIb3AbAneLDopB2rb8uMCEaN0ysiX2U78KpYweD1
> +W3pWzy4TVCM6igmpGpjoV7Y0xY7gzFyK15/fiYpWuwmtahyUmu5R51fZo1EMbh9
> wOC1cs/X1DdHmRHp/ds19B3w44A+zljpiqMlSh0sqOC79tN5PStPlnagnVPk4h7c
> x0KFCXmNFBnoXK4K/wt59cV+Qk8dHI7ZKPYs9e+hGfbg34nF/bMh2hHU/a0efAxx
> IBwYlt4i2O19V2JPbS7P
> =4RKE
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list