[c-nsp] MPLS down to the CPE

Mark Tinka mark.tinka at seacom.mu
Sat Jul 6 08:26:26 EDT 2013


On Saturday, July 06, 2013 10:58:15 AM Andrew Miehs wrote:

> Don't see why adding MPLS would help very much here -
> especially considering the security risk!
> 
> What is the difference on input for the customer between
> connecting to a PE, or connecting to a CE provided by
> yourselves? The main reason for running a PE out to a
> customer site would be if the customer requires a lot of
> different VPNs/ VRFs which you are routing for him - L3
> tunnels vs L2 -  and you don't have a leased line
> capable of separating these VPNs...
> 
> So why couldn't you just run a pair of 3900s CEs (eBGP
> private ASes between PEs and CEs, iBGP between the two
> CEs) and HSRP/ GLBP for the customer side failover?

Because in our case, these were l2vpn customers that didn't 
want to spend the money to multi-home to our access switches 
when they bought expensive SLA's. 

So our commercial teams came up with the brilliant idea to 
put an MPLS-capable device at their premises so that "we" 
would spend the money to bring in two circuits, but then 
maintain our MPLS-to-the-edge concept so that redundancy and 
failover is better than what STP and friends give you.

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20130706/357b38c7/attachment.sig>


More information about the cisco-nsp mailing list