[c-nsp] MPLS speakers behind unreliable link

Pshem Kowalczyk pshem.k at gmail.com
Tue Jan 13 15:18:40 EST 2009


Hi Oli,

2009/1/13 Oliver Boehmer (oboehmer) <oboehmer at cisco.com>:
> Pshem Kowalczyk <> wrote on Tuesday, January 13, 2009 01:18:

{cut}

>> 2. Somehow connecting all the remote PEs to local P/PEs (multiple
>> remote PEs connected to one local P/PE) and using local PE as sort of
>> aggregation point, that would hid the instability of the DSL network.
>> We haven't done anything like this before, so I'm not even sure if it
>> can work - using ISIS create L1 domains from the remote PEs, make the
>> local P/PEs a L1L2 devices and use L2 to connect to the core. Would
>> label distribution work in a scenario like that assuming LDP for the
>> next-hop and MP-BGP for vpn information? After all a ISIS L1 is a
>> completely stub network, so it shouldn't see any routes from L2. Is
>> that the case also for LDP (i.e. LDP will not generate a label for a
>> FEC (prefix) that is not advertised into a L1 domain?)
>
> This would work, but you would need to leak the BGP next-hops (or L2 PW
> router-IDs) from the L2 into the L1 areas to provide an end-to-end LSP.
> I would consider this a reasonable approach. Make sure you use a
> dedicated loopback address range for all your remote devices so you can
> easily create an ACL for route leaking ("redistribute isis ip level-2
> into level-1 distribute-list <ACL>").
>
> Obviously, the result of link flaps (i.e. loopbacks coming and going)
> would still be propagated throughout the whole domain, but you can use a
> less aggressive prc-interval setting on your nodes. So achieving
> aggressive, sub-second ISIS convergence could be a challenge if the
> network is not stable.

What if I only distributed an aggregate out from the L1L2 device to
cover all of the L1 loopbacks? Obviously this way the L1L2 box would
have to do a L3 lookup, but this way there would be no flaps visible
at all. I could do the same in the other direction (by injecting only
loopbacks aggregate) into L1 domain. Or am I completely wrong here?

kind regards
Pshem


More information about the cisco-nsp mailing list