[c-nsp] Best Practices for connecting MPLS core to Internet?

Pshem Kowalczyk pshem.k at gmail.com
Thu Aug 4 16:06:21 EDT 2011


Hi,

On 5 August 2011 07:11, Ross Halliday
<ross.halliday at wtccommunications.ca> wrote:
> Hello list,
>
> We're working on getting ourselves over to an MPLS core and I've hit a bit of a snag with how we're going to actually connect it to the Internet. Our current setup is very simple: We run eBGP on an edge router with a public ASN and our IGP is OSPF. Of course with MPLS we're looking at running BGP everywhere.
>
{cut}

I think in your circumstanced idea to use the 6500 as a CE is a good
one. We have tried (albeit at least 3 years ago) to use 6500 as a PE -
one thing we realised - even if you originate the default there all
traffic will be label switched out, without doing the L3 lookup, which
is not a good thing if you have more then one upstream provider.
Ultimately we have settled for ASR1k and Internet in a VRF (as you
originally proposed).
I would not bother with masking the core AS at all. You can put
hold-down routes on the 6500 and originate all of your 'public'
prefixes from there. If you can ensure that every prefix in core is
more specific - that's going work for you well.
For the downstream customers - depending on the number and location of
your border routers - I would also consider running a L2VPN through
the private AS MPLS cloud back to your border routers, so the customer
runs BGP directly with them (seems cleaner to me then replacing the AS
in both upstream and downstream directions).

kind regards
Pshem



More information about the cisco-nsp mailing list