Re: [nsp] RR Configuration on MPLS - VPN

From: Martin Picard (mpicard@sinc.ca)
Date: Mon May 07 2001 - 17:25:17 EDT


Zaheer,

  I totally agree with you when you have a peer that only peers with one RR.
  In your scenario, RR3 should peer with RR1 and RR2, this way RR3 would
  not miss anything. The whole point behind this is that if updates are not
  filtered based on their cluster-list and are accepted as valid paths, you
  could end-up with suboptimal routing and even routing loops.
  rfc2796 describes how and why you would end up with these.

  Even though Cisco gears take the cluster-list into account in their BGP
  selection process ( http://www.cisco.com/warp/public/459/25.shtml step 12)
  it seems cleaner to design the network with proper clusters when you can.

  mp

>At 01:22 PM 05/04/2001 -0400, Martin Picard wrote:
>>Marcio,
>>
>>Yes you could, but if all RR-Clients connects to both RR then I would
>>use the same cluster-id on the RRs.
>
>
>
>using the same cluster-ID on both RR has the potential of routing breakdown.
>
>Imagine a client that connects to two RR which has some cluster ID. Client advertise
>a prefix to RR1 and RR2. Now link between RR2 and client break or BGP session goes
>down. RR1 will advertise that prefix to RR2 but RR2 will reject it because it has a same
>cluster-ID in the cluster-Iist. Thus RR2 will have no way to reach prefixes advertise by client
>You're right but, RR2 should not have to learn about that prefix from RR1. Keyword here is if ALL
>clients connect to both RRs. In your scenario upon a failure between Client1 and RR2, all other
>clients will receive the prefix from RR1 only.
>

  For the clients it would work fine but imagine RR3 which ONLY connects to RR2, and C1 and RR2
  links fails. Now RR3 has no announcements from CC1. (RR2 may be a client of RR3)

  Better question is what do you buy from having same cluster. One less update at the cost of black hole
  traffic in certain cases?

  Thanks
  Zaheer

>mp
>
>Thanks
>Zaheer
>
>>mp
>>
>>----- Message d'origine -----
>>De : "Marcio Pilotto" <<mailto:marcio.pilotto@intelig.net.br>marcio.pilotto@intelig.net.br>
>>À : "'Martin Picard'" <<mailto:b1bwuh29@videotron.ca>b1bwuh29@videotron.ca>; <<mailto:cisco-nsp@puck.nether.net>cisco-nsp@puck.nether.net>
>>Cc : "Jose Ferreira" <<mailto:jose.ferreira@intelig.net.br>jose.ferreira@intelig.net.br>
>>Envoyé : 4 mai, 2001 12:54
>>Objet : RE: [nsp] RR Configuration on MPLS - VPN
>>
>>
>>Thanks Martin.
>>
>>Based on your answer, I understood that it is possible to have two VPNv4 RR
>>servers with a VPNv4 BGP connection between them with no cluster-id
>>configured. Am I right?
>>
>>Regards,
>>
>>Marcio Pilotto
>>Network Design Engineer
>>Intelig Telecomunicações Ltda
>>Praia de Botafogo, 440 - 12° andar
>>Tel.: + 55 21 536 0880
>>Mobile: +55 21 97 65 65 23
>>Fax: +55 21 536 0903
>>marcio.pilotto@intelig.net.br <<mailto:marcio.pilotto@intelig.net.br>mailto:marcio.pilotto@intelig.net.br>
>>
>>
>>-----Original Message-----
>>From: Martin Picard [mailto:mpicard@sinc.ca]
>>Sent: sexta-feira, 4 de maio de 2001 13:08
>>To: Marcio Pilotto; <mailto:cisco-nsp@puck.nether.net>cisco-nsp@puck.nether.net
>>Cc: Jose Ferreira
>>Subject: Re: [nsp] RR Configuration on MPLS - VPN
>>
>>
>>Marcio,
>>
>> I've done it several times now, works fine.
>> You won't find the bgp cluster-id under the
>> vpnv4 address-family but as usual under
>> the global "router bgp".
>>
>> I doubt that you'll be able to have different
>> cluster ids based address-family !!!
>>
>> mp
>>
>>
>>----- Message d'origine -----
>>De : "Marcio Pilotto" <<mailto:marcio.pilotto@intelig.net.br>marcio.pilotto@intelig.net.br>
>>À : <<mailto:cisco-nsp@puck.nether.net>cisco-nsp@puck.nether.net>
>>Cc : "Jose Ferreira" <<mailto:jose.ferreira@intelig.net.br>jose.ferreira@intelig.net.br>
>>Envoyé : 4 mai, 2001 10:42
>>Objet : [nsp] RR Configuration on MPLS - VPN
>>
>>
>>Folks,
>>
>>I have two c7500 router that, in normal IPv4 world, belongs to a two
>>different PoPs and two different Cluster-ID on normal IPv4 BGP session.
>>
>>These two routers must be a RR for MPLS-VPN for several RR Clients ( PEs )
>>spreaded along the backbone, but I did not see any specific Cluster-ID
>>inside address-family VPNv4 in order to avoid any unnecessary propagation of
>>routing information.
>>
>>Have any one implemented VPNv4 Route Reflector with more than one RR Server?
>>
>>Thanks
>>
>>Marcio Pilotto
>>Network Design Engineer
>>Intelig Telecomunicações Ltda
>>Praia de Botafogo, 440 - 12° andar
>>Tel.: + 55 21 536 0880
>>Mobile: +55 21 97 65 65 23
>>Fax: +55 21 536 0903
>>marcio.pilotto@intelig.net.br <<mailto:marcio.pilotto@intelig.net.br>mailto:marcio.pilotto@intelig.net.br>



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:37 EDT