[c-nsp] MPLS down to the CPE

Phil Bedard philxor at gmail.com
Tue Jul 9 13:02:56 EDT 2013

On 7/9/13 10:10 AM, "Mark Tinka" <mark.tinka at seacom.mu> wrote:

>On Tuesday, July 09, 2013 10:43:20 AM Adam Vitkovsky wrote:
>> Are the access rings in a separate area/level or
>> running a separate igp, or how do you scale your
>> backbone IGP please?
>We kept them in the IS-IS level (i.e., L2-only), as Inter-
>Area MPLS-TE is not supported without resorting to deploying
>expanded loose hops for RSVP-TE sessions (p2p and p2mp).
>The upside, simplicity and not running around
>troubleshooting potential adjacency problems caused having
>some routers being in the area a la L1 IS-IS.
>The downside, NLRI changes in the IGP happening in one end
>of the network would be "heard" by a router in another part
>of the network that is not generally interested in them.
>The weakest link was the smaller CPU's on the ME3600X, but
>those are not that bad to be honest.
>We opted to do that until the industry catches up with
>scaling methods that aren't as complex as BGP Label Unicast.

In our case we are using separate OSPF areas for the access elements,
IS-IS wasn't supported when we started doing the deployments.  Depending
on scale sometimes an entire agg location may use the same subtending
area, sometimes there are more than one, sometimes an area per access
ring.  The agg/core nodes of each local network sits in OSPF Area 0, and
the different network islands are tied together using CsC over a common
MPLS core.  Right now using LDP/OSPF handoffs since there were previously
some issues with doing RFC3107, but now should really should be migrated
to RFC3107.  If traffic levels increase enough we will build direct
circuits between the islands and use IS-IS as a "core" IGP, leaving OSPF
only in the access.   I've never liked the idea of doing inter-as RSVP-TE
except in unique situations, I'd rather use areas/levels and hierarchy
than a stateful session across boundaries.   At the ABR all of the L2VPN
services are "stitched" since you are entering a different RSVP-TE/MPLS
domain, the L3VPN configuration exists on these nodes with the access
nodes using L2 pseudowires into virtual L3 interfaces.   Cisco talks about
a similar architecture in their "Unified MPLS for Mobile" presentation
from the last Cisco Live.  Cisco has always called these ABR/agg nodes the
"PWHE" or pseudowire headend since they aggregate a large number of

Long-term there are various options to eliminate the stitching and
associated configuration, although we've got it pretty automated at this
point.  RFC3107 down to the access nodes will work but may overwhelm
routing tables if you have thousands of potential endpoints.  You also run
into scale issues with terminating BGP sessions from access nodes to RRs
or ABRs.   Another option is have the ABR do RFC3107 to LDP translation
(supported today) and have the access nodes setup in Downstream on Demand
mode so they request labels only for the destinations they need.  The
vendor (A) supports longest-prefix match for LDP, including the default
route, so you don't need to carry /32s in your IGP anymore.  Odd Juniper
wrote the RFC on that but (A) is the only vendor to implement it.


More information about the cisco-nsp mailing list