[c-nsp] Internet in VRF

Adam Vitkovsky Adam.Vitkovsky at gamma.co.uk
Wed May 6 05:22:29 EDT 2015 

Hi Dan,


> Dan Peachey
> Sent: 05 May 2015 16:11
> 
> >
> >
> > I guess PIC edge is more important as it provides fast failover
> > (local-repair) towards the PE with alternate AS-Exit in case the link
> > providing the primary AS-Exit fails, so while the BGP converges slowly and
> > majority of the PEs are still forwarding traffic towards the node acting as
> > primary AS-Exit the traffic is not dropped by this node but forwarded
> > towards the backup AS-Exit node.
> >
> 
> If you mean use PIC edge on the primary edge router to improve
> convergence
> when a transit link fails (and the primary edge router forwards the traffic
> to the backup edge router) then yeah that would help as you would not
> need
> to wait for any BGP best path selection and RIB/FIB updates as you already
> have the backup path in the FIB, however you have to weigh up doubling
> your
> FIB entries against the improved convergence (for Internet prefixes I'd
> argue it's not worth it).

Yeah the terms PIC edge and core are really confusing and I'll try to avoid those.
But what I meant by PIC edge was essentially PE-CE link protection and by PIC core I meant PE-CE node protection.
They both rely on BGP PIC.
And by PIC I mean the FIB hierarchy (where indirect next hop is used between the prefix and the actual forwarding next hop (borrowing juniper terms here) ) 

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-bgp-mp-pic.html#GUID-8D2DAC32-EDDC-4657-B331-0163742D53CF

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-bgp-mp-pic.html#GUID-473F4D7C-0242-42E6-94CE-938A9D248F7A
*should be: "Thus, with BGP PIC enabled on "PE1", Cisco Express Forwarding detects..."


> 
> PIC edge on PE's sending traffic to the edge routers won't help when a
> transit link fails as there is no next-hop change, unless you are not doing
> NHS on your iBGP for those prefixes and advertising your point-to-point
> subnet into your IGP.
> 
> 
> > Whereas BGP PIC core provides fast failover in cases where the whole PE
> > router fails (which is less likely to happen) so when other PEs in the AS
> > are notified via IGP that the primary NH is not reachable anymore there's
> > no need to wait for the FIB to be reprogramed -so the convergence is as
> > fast as the IGP (hence the need to tune LSA/LSP propagation).
> >
> >
> PIC core (hierarchical FIB) only helps in a link failure scenario, where
> the IGP next-hop changes (not the BGP next-hop) and only 1 FIB entry needs
> updating vs. ~500k as in a flat FIB architecture. If your primary BGP
> next-hop is not reachable any more then you have to rely on BGP next-hop
> tracking, best-path selection and RIB/FIB updates (unless you use PIC edge
> to program a backup FIB entry).
> 
Here I mean the node protection functionality.
And I really can't recall if I saw the "b" in front of the alternate NH without the "additional-paths selection route-policy" in place.

> 
> > I'm not sure it's enabled by default as I guess you'd still need to use
> > the "additional-paths selection route-policy" under the vpnv4 AF to
> program
> > the backup NH into the FIB.
> >
> >
> "additional-paths selection route-policy" is used to program backup FIB
> paths (ala PIC edge). I have read somewhere before that PIC core is on by
> default in XR on ASR9K and CRS but I can't find where I read it. On IOS you
> need to apply "cef table output-chain build favor convergence-speed" to
> enable PIC core (may be platform specific, I only ever tried it on ME3x00).
> 
> Some of the documentation around PIC can be confusing (and I'm sure
> different vendors mix up the terms in different ways) but that's how I
> understand it.
> 
> Cheers,
> 
> Dan


adam
---------------------------------------------------------------------------------------
 This email has been scanned for email related threats and delivered safely by Mimecast.
 For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------

More information about the cisco-nsp mailing list