RE: [j-nsp] Extranet in MPLS VPNs

From: Bala Subrahmanyam Venkata (bsubrahm@doradosoftware.com)
Date: Mon Oct 15 2001 - 16:19:19 EDT

Next message: Stephen Gill: "Re: [j-nsp] R: [j-nsp] class permission problem"
Previous message: Gary Tate: "RE: [j-nsp] Extranet in MPLS VPNs"
In reply to: Gary Tate: "RE: [j-nsp] Extranet in MPLS VPNs"
Next in thread: Gary Tate: "RE: [j-nsp] Extranet in MPLS VPNs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Thanx for the response Gary. I have some questions along the same lines.

Does Juniper's implementation then mandates that for every site that needs
to be in more than one VPN it must have its routes in a separate VRF routing
instance ? For eg., if

VPN A has sites Site1, Site2 and Site3
VPN B has Site1 and Site2

(assumption: Site1, Site2 & Site3 are attached to the same PE router. Each
has its own CE Router in its site pointing to the PE.)

then, it means Site1 & Site2 routes will be in a VRF routing instance
("S1-S2") and Site3 routes will be in another VRF routing instance ("S3").

If Site1 again, becomes a part of some other VPN C, then a VRF routing
instance is created for Site1 ("S1"). Also "S1-S2" routing instance is
edited such that it contains only routes from Site2. VRF routing instance
"S3" will still contain routes from Site3.

And if there is a Site4 also having memberships to VPN A and VPN B, then its
routes are in "S1-S2" VRF routing instance ??

> >P.S. A comment on the doc. Calling the sites as "VPNA", "VPNB"
> >and "VPNAB"
> >is confusing. Perhaps you can choose a better name that describes the
> >scenario ?
>
> I will send this on the appropriate people internally. Do you have any
> suggestions for names?

Just call them Site A, Site B and Site AB. (BTW, I assume your "VPNAB" is a
whole another site and does not mean that either Site A or Site B CE Router
has an additional interface now on the PE...is that right ?)

EOM.

/bala

> >
> >1. Per your doc the CE2 Router is in VPN A and VPN B. What if there is
> >another CE Router (say 'CE6' Router) that is directly
> >connected to the same
> >PE Router (PE1 in your case) and it(CE6) is also part of VPN A
> >and B ? Will
> >its VRF be similar to that of VPNAB ?
>
> I believe in this case I would simply add the interface for CE6 into the
> VRF, VPNAB and add the additional routes required for this new site.
>
> >2. On the same lines, what if CE6 instead is part of VPN A and
> >some other VPN C ? How will this affect the configuration ?
> >
>
> In this case you would have to create another VRF for VPN-AC with the
> appropriate RIB-Groups.
>
> >Before you could research further, are these two cases 'real world' ?
> >
>
> With extranets I believe anything could be asked for.
>
> >
> >TIA
> >
> >bala
> >
> >
>

Next message: Stephen Gill: "Re: [j-nsp] R: [j-nsp] class permission problem"
Previous message: Gary Tate: "RE: [j-nsp] Extranet in MPLS VPNs"
In reply to: Gary Tate: "RE: [j-nsp] Extranet in MPLS VPNs"
Next in thread: Gary Tate: "RE: [j-nsp] Extranet in MPLS VPNs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:37 EDT