[c-nsp] Using MPLS PEs as gateways for access layer

Peter Rathlev peter at rathlev.dk
Wed Nov 30 14:12:37 EST 2016


On Wed, 2016-11-30 at 11:38 -0500, Ryan L wrote:
> One other question I have been having with this is, I'll obviously
> have some L2 adjacency for my FHRP between the two cores, but should
> I also be running an IGP within each DC between the two on the
> private VRF? I don't have any other routed devices in these sites
> except for the PEs, so I wouldn't be using it for anything aside from
> between the two.

With the "full MPLS L3VPN" model you would at most need just one
adjacency in the global IGP between the two PE routers. There's
generally no need to have an IGP running inside the VRFs and the
redistribution between this IGP and BGP can be a mess.

With VRF Lite I would on the other hand always make sure there's a
direct physical link between the two PE routers and create an adjacency
per VRF between them, though preferably in BGP.

> Route information (connected, static) can be shared via VPN amongst
> all PEs, but not sure if there is any benefit to sharing things like
> static routes via IGP between the two PEs within a single site
> (router ospf -> redist static subnets route-map etc.) as opposed to
> propagating it to core #2 at the same site via VPN/BGP. In my labbing
> it seems to work fine without IGP, but devil is always in the
> (production) details. :)

I'd just use MP-BGP for this. It doesn't matter if the PE routers have
a direct iBGP adjacency or you use route reflectors, they would see
each other as next-hop and route optimally according to the global IGP.

I would avoid redistributing between an (in-VRF) IGP and BGP unless I
really had to. It generally "just works" but can lead to hard to guess
sub-optimal routing paths.

-- 
Peter



More information about the cisco-nsp mailing list