[c-nsp] Inter AS MPLS hybrid thingy...

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Thu Sep 13 08:09:47 EDT 2012


JC,

short answer: Yes, quicker and safer option is to go with the IAS link and
just keep CsC as it is.
 
still: I haven't thought my suggestion through, but you would basically
configure eBGP+label (in the global table) on all previous CsC interfaces,
and advertise all PE (& RR) loopbacks you need to reach (you might need
allowas-in on the child net in case parent carries child's loopbacks in
iBGP). This gives you PE-to-PE LSPs.
To use these LSPs for L3VPN, you need to distribute vpnv4 information. I
guess you would link the RRs in the different Child-net's sites (iBGP
between them across the Parent network, just like in the CsC design), and
also build an multihop-eBGP session between the RR in Child and Parent
(according to 10c).
No need to change BGP AS anywhere.  But moving from the existing design to
the new one would very likely involve some downtime as the CsC links are
being moved.. 

But as I said: quicker and safer option is to go with the IAS link and
just keep CsC as it is ;-)
 
	oli

On 13/09/2012 13:49, "JC Cockburn" <ccie15385 at gmail.com> wrote:

>Hi Oli,
>Sorry for bugging and keeping on with this, but if we get rid of CsC then
>we
>would isolate all the "CsC" sites. That would mean reconfiguring their BGP
>AS's etc which would be downtime... Am I right or did I miss what you
>meant?
>There is "trust" between the AS's, but I think for the quicker safer
>option
>the Inter-AS link would be best?
>
>Thanks again
>Ciao
>JC
>
>-----Original Message-----
>From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
>Sent: Thursday, September 13, 2012 1:41 PM
>To: JC Cockburn; 'Christian Meutes'
>Cc: cisco-nsp at puck.nether.net
>Subject: Re: [c-nsp] Inter AS MPLS hybrid thingy...
>
>Another option would also be to get rid of CsC altogether and replace this
>with InterAS option C between the two networks. This allows you to
>establish
>PE-to-PE LSPs, both between Parent and Child, but also between different
>Child clouds on different ends of the network. Route distribution (both
>vpnv4 and ipv4+label) would certainly be a bit trickier, and it requires
>flexibility in the Parent network as this is something rather non-standard
>(but so is CsC, don't think it is offered as a "standard" off-the-shelf
>service widely).
>This is not an easy/straight-forwarded approach, but it could work. It's
>only worth if parent and child actually have a close relationship (like
>different parts of the same company) and also trust each other (sort of
>;-).
>
>	oli
>
>On 13/09/2012 13:27, "JC Cockburn" <ccie15385 at gmail.com> wrote:
>
>>Hi Oli,
>>You understood correct.
>>So one of the ways is to get another (logical/physical) link from
>>Child_net1
>>to Parent_net and do Inter-AS MPLS over that link...can be the same
>>physical routers. Option 10b would be the best to suite our
>>requirements as the number of L3VPN's might grow...
>>
>>Thanks guys
>>Ciao
>>JC
>>
>>-----Original Message-----
>>From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
>>Sent: Thursday, September 13, 2012 1:06 PM
>>To: Christian Meutes
>>Cc: JC Cockburn; <cisco-nsp at puck.nether.net>
>>Subject: Re: [c-nsp] Inter AS MPLS hybrid thingy...
>>
>>Yes, so I read it as well.. But I guess the question is how Child_net1
>>wants to interconnect with a L3VPN (not CsC) customer on Parent_net..
>>If Parent_net just imports the L3VPN customer's Routes into the CsC VRF
>>towards Child_net (and vice versa), this would provide connectivity
>>between Child_net's global table and the L3VPN customer. But not (and
>>this is how I read it) between a Child_net L3VPN customer and the L3VPN
>>customer on parent_net..
>>So enough speculating, let's wait for JC to clarify the requirements
>>:-)
>>
>>	oli
>>
>>On 13/09/2012 12:54, "Christian Meutes" <christian at errxtx.net> wrote:
>>
>>>Hey Oli,
>>>
>>>I read it as Child_net1 is L3VPN with MPLS enabled (CsC) but I may be
>>>wrong...
>>>
>>>On 13.09.2012, at 11:53, "Oliver Boehmer (oboehmer)"
>>><oboehmer at cisco.com>
>>>wrote:
>>>
>>>> Don't think this is going to work Christian. Child_net1's interface
>>>>to  Parent_net is actually in the global table, so any addresses
>>>>visible there  are being treated as global devices in remote parts of
>>>>Child_net1, not any  vpnv4/VRF addresses.
>>>> JC, you need to setup InterAS-MPLS-VPN (whichever flavor meets your
>>>>need,  I guess 10a or 10b would do it) on another link (which could
>>>>also be a  subinterface of the existing one, of course).
>>>> 
>>>>    oli
>>>> 
>>>> On 13/09/2012 11:17, "Christian Meutes" <christian at errxtx.net> wrote:
>>>> 
>>>>> Import&Export between the RDs and give the L3VPN-only customer also
>>>>>MPLS  and eBGP session between them.
>>>>> 
>>>>> On 13.09.2012, at 10:44, "JC Cockburn" <ccie15385 at gmail.com> wrote:
>>>>> 
>>>>>> Hi All,
>>>>>> 
>>>>>> We have a weird setup/requirement as following and I need some
>>>>>> advise
>>>>>> please:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> Working MPLS network serving L3 VPNs (lets call it Parent_net). On
>>>>>>this  network we have one of the VPN's as CsC serving another
>>>>>>"provider"
>>>>>> (call it
>>>>>> Child_net1).
>>>>>> 
>>>>>> Now this provider (Child_net1) needs to communicate with another
>>>>>> L3VPN also on Parent_net.
>>>>>> 
>>>>>> Can this be done by some means using the same existing links
>>>>>> between Parent_net and Child_net1 (so the CsC links)? Or do we
>>>>>> have to create another link/s with ASBR routers between Parent_net
>>>>>> and
>>Child_net1?
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> Any experience/tips and/or advise would be appreciated
>>>>>> 
>>>>>> Ciao & enjoy!
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> JC
>>>>>> 
>>>>>> _______________________________________________
>>>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>> 
>>>>> _______________________________________________
>>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>> 
>>
>




More information about the cisco-nsp mailing list