[c-nsp] MPLS VPN Question about PE-CE - Private or Public IP?

Christian MacNevin christian.macnevin at gmail.com
Wed Aug 20 14:12:46 EDT 2008


Agree with everyone who's agreed with point 5 :)

I've been in MPLS SPs for years and regretted every time I've seen  
somebody try and use private
space for management.


On Aug 20, 2008, at 9:47 AM, Everton da Silva Marques wrote:

> On Wed, Aug 20, 2008 at 11:19:43AM +1000, Andy Saykao wrote:
>> Just wondering from those in the know, whether it's best practice to
>> implement public or private IP's for the PE-to-CE link. What's  
>> everyone
>> using and why?
>
> There is a kind of best practices in a presentation from
> Cisco Networkers 2008. Slide 83 content is reproduced below.
>
> Cisco Networkers 2008
> BRKIPM-2001: Deploying MPLS VPN Networks
> by Dirk Schroetter
>
> Best Practices
>
> 1. Use RR to scale BGP; deploy RRs in pair for the redundancy
> Keep RRs out of the forwarding paths and disable CEF (saves memory)
>
> 2. RT and RD should have ASN in them i.e. ASN: X
> Reserve first few 100s of X for the internal purposes such as  
> filtering
>
> 3. Consider unique RD per VRF per PE, if load sharing of VPN traffic  
> is required
>
> 4. Don't use customer names as the VRF names; nightmare for the NOC.
> Use simple combination of numbers and characters in the VRF name
> For example: v101, v102, v201, v202, etc. Use description.
>
> 5. PE-CE IP address should come out of SP.s public address space to  
> avoid overlapping
> Use /31 subnetting on PE-CE interfaces
>
> 6. Define an upper limit at the PE on the number of prefixes  
> received from the CE for each VRF or neighbor
> Max-prefix within the VRF configuration; Do suppress the inactive  
> routes.
> Max-prefix per neighbor within the BGP VRF af (if BGP on the PE-CE)
>
> Hope this helps,
> Everton
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list