[j-nsp] Upstream Traffic Manipulation Question

Stefan Fouant sfouant at gmail.com
Mon Oct 5 02:46:56 EDT 2009 

On Sun, Oct 4, 2009 at 9:28 AM, Walaa Abdel razzak <walaaez at bmc.com.sa>wrote:

> Hi Experts
>
> I need your suggestions for the best design for the following scenario:
> it's a customer has a public AS and MPLS network, connected to upstream
> provider through two links in two differnt POP's. The customer receives the
> default route and few prefixes only from the provider from both POP's. The
> key here is that the customer needs certain subnets to follow the default
> route coming from POP1 in the upstream, the downstream must be through the
> same POP1. Other subnets should follow the default route coming from POP2 in
> the upstream, the downstream must also be through the same POP2. My question
> here is not in the downstream as it's easy to adjust through BGP attributes
> and prefix length, but it's in the upstream direction to the internet. how I
> can gaurantee that certain prefixes follows the default route through one
> POP will be back from the same POP? I was thinking about splitting customer
> traffic into two VRF's and inject default routes with different prefernces.
> do you think!
>  it's the best or you have another susggestion? The customer has no other
> provider.
>

For source-based routing of packets, you are going to need to perform
Filter-Based-Forwarding (FBF) which will then cause the packet to get routed
into a routing-instance of your choosing.  You are going to need to
constrain the set of routes in the routing-instance such that it will route
out towards the appropriate POP.  The problem here is that you are going to
need to configure this FBF and routing-instance construct on every router so
it could get a bit cumbersome.  There are a lot of different ways in which
you could distribute the routes into your routing-instance - a consistent
policy using rib-groups could be configured across all your routers to leak
only certain routes into your routing-instance, or you could set up
additional peerings within your routing-instance/VRF for dynamic
advertisement of the constrained routes.  Depending on the way that the MPLS
network is set up, you might be able to get away with configuring the FBF on
only the head-end router and punting that traffic into the appropriate LSP
for transit across the AS.

I am sure there are other ways... I'd be interested in hearing others'
feedback as well...

Cheers,

-- 
Stefan Fouant

More information about the juniper-nsp mailing list