[c-nsp] MPLS to Customer (Option B) / Multiple VRFs on CPEs

Saku Ytti saku at ytti.fi
Thu Sep 4 04:41:44 EDT 2014

On (2014-09-04 08:26 +0000), Vitkovský Adam wrote:

Hi Adam,

> It would be great though if the local PE or ASBR could receive the VPN label that was advertised to the foreign CEs or PEs so that it could use it during the label-stack check. This way the PE or ASBR would be able to verify stack that is two labels deep. 
> Some knob or AF in BGP that would tell the ASBR, hey we know you don't have any VPNs configured but just keep the VPN labels (for all  the Inter-AS prefixes) so that you can reference to them while doing label stack verification. 
> This could also work for L2VPNs where BGP is used to advertise L2VPN label (EVPN) or PW label (standard L2VPN). 

Ack seems it could work for L3 MPLS VPN and Kompella pseudowires, you'd just
need to keep copy of everything from everyone's point of view. Didn't think
about it, but probably any interASN MPLS FRR would not work.

For me personally, in NNI, having multiple VLANs is not a problem, I get own
counters, QoS, ACL etc. Having BGP for each VLAN is a problem, as I may want
to support 1000 VLANs, which is easy, but 1000 BGP is hard.
If BGP could send VLAN in NLRI, then we'd only need 1 BGP session, and there
would be no security issue in VLAN forging, as that would simply hit
unconfigured logical interface.


More information about the cisco-nsp mailing list