[c-nsp] IPv6 PE-CE
Saku Ytti
saku at ytti.fi
Thu Oct 18 07:47:13 EDT 2012
On (2012-10-18 12:21 +0200), Benny Amorsen wrote:
> Do you need filters/policies/route-maps in a VRF? If a customer messes
> up, they only take out their own VRF. OSPF in a VRF can be pretty much
> hands-off. You do not even need to configure neighbors. The only problem
> is if your customer sends you a million routes.
It shouldn't be argued this direction, BGP needs no justification, IGP
does.
But yes, I allow customer to use communities to various kind of functions,
including BGP blackholing. And I'm planning to implement aggregation in
IPv6 on PE level, but for redundant customers etc, I will need to break
aggregation, which I will do via BGP communities and static tags.
> It would be great if someone came up with a zero-configuration solution
> for BGP. I have seriously considered switching our default PE-CE routing
> protocol to eBGP, but it ends up quite complicated.
We did this decade ago, no one has looked back. Configuring BGP in certain
platforms can be 0 touch on PE. Like if you use 'allow CIDR' in JunOS or 'bgp
listen range CDIR peer-group X' in JunOS you don't even need to touch PE
when adding CE.
In JunOS you can further reduce config cruft by using apply-group to fill
in all stuff like import/export maps, asn, as-override etc, so those would
only appear in single place.
> OSPF may be expensive in theory, but in practice it performs well.
RIP is the real scale beast :) If you truly need to run thousands of
sessions. I know someone doing RIP to the server at TOR, where RIP was only
scalable solution.
--
++ytti
More information about the cisco-nsp
mailing list