[c-nsp] [j-nsp] L3VPN/RR/PE on Same router

adamv0025 at netconsultings.com adamv0025 at netconsultings.com
Fri Aug 17 09:39:45 EDT 2018


> From: Robert Raszuk [mailto:robert at raszuk.net]
> Sent: Friday, August 17, 2018 9:57 AM
> To: Mark Tinka
> Cc: adamv0025 at netconsultings.com; juniper-nsp at puck.nether.net; cisco-
> nsp at puck.nether.net
> Subject: Re: [j-nsp] L3VPN/RR/PE on Same router
> 
> Hey Mark,
> 
> It has been a while ....
> 
> > We've been running all address families on the same RR's (different
> > sessions, obviously, but same hardware)
> 
> Out of pure curiosity how are you setting up different BGP sessions to the
> same RR ?
> 
> I think what Adam is proposing is real TCP session isolation, what you may be
> doing is just same single TCP session, but different SAFIs which is not the
> same.
> 
Yes Robert, I was indeed proposing separate TCP sessions at least -as that's the only way to protect against the default behaviour of terminating session upon malformed bgp update reception.

> Sure you can configure parallel iBGP sessions on the TCP level say between
> different loopback addresses to the same RR, but what would that really buy
> you ? You could even be more brave and use BGP multisession code path (if
> happens to be even supported by your vendor) which in most
> implementations I have seen is full of holes like swiss cheese but is this what
> you are doing ?
> 
Another alternative would be to spin up a separate BGP process, which I think is supported only in XR, but once again that somewhat places one on the outskirts of the common deployment graph.    
But I know Mark is using csr1k -so depending on the available NFVI resources (I guess dedicated servers in this case), I think it's not that onerous to spin up yet another VM right?


adam

netconsultings.com
::carrier-class solutions for the telecommunications industry::



More information about the cisco-nsp mailing list