[j-nsp] MPLS VPN BGP Local Convergence

Adam Vitkovsky avitkovsky at gammatelecom.com
Tue Jan 20 18:08:16 EST 2015

Hi Saku,

Yeah the "BGP local convergence" is an old one indeed from days where we had to run iBGP multipath load sharing to get two paths programed into the HW.  
However this feature is essential for fast convergence. 

This feature prevents from blackholing during BGP convergence in cases where you have primary and backup egress PEs and  a PE-CE link fails on the primary PE. 
While the BGP infrastructure is converging the ingress PEs keep on sending data towards the primary PE with the failed PE-CE link that would otherwise drop the packets. 
Primary PE running "MPLS VPN BGP Local Convergence" feature will keep the VPN(e.g. per in-vrf-NH) label for the failed link for some time (which would be otherwise released). 
But the label no longer points to the egress PE-CE in-vrf-NH but now it points to a NH label on the path towards the backup PE. 
So that's how the Primary PE does kind of local repair till the BGP converges and ingres PEs start using backup PE as the NH for the VPN prefixes. 

Right solving a PE router failure is easy as IGP will notify all PEs in no time and they can then start using the preinstalled backup path(PIC)  or just reprogram the chained NHs to point to an alternate forwarding NH which should be fairly quick as well. 

But with failed CE-PE link all you've got to let everybody know is the slow BGP process (unless you put your CE-PE links into IGP which is the way it was done back in the old old days - pure ipv4 BGP core). 
This is where the BGP local convergence feature becomes handy. 

> -----Original Message-----
> From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
> Of Saku Ytti
> Sent: 20 January 2015 18:49
> To: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] MPLS VPN BGP Local Convergence
> On (2015-01-20 16:57 +0000), Adam Vitkovsky wrote:
> > Hi Folks,
> >
> > Is there an equivalent to the "MPLS VPN BGP Local Convergence" feature
> on Junos please?
> > Possibly for non VPN prefixes as well.
> http://www.juniper.net/documentation/en_US/junos14.2/topics/task/confi
> guration/layer3-vpn-bgp-pic-edge-configuring.html
> I don't really recall difference in 'local convergence' and BGP PIC, but I
> seem to recall, 'local convergence' didn't install backup path, but
> recalculated it when fault occurred.
> I don't know if this inferior version is available in JunOS or if you'd even
> want to run it, if it were.
> <rant>
> Unfortunately only for VPN. Why oh why do we have concept of global table
> and
> VRF, INET should in same code path as VRF, with no special treatment.
> Juniper
> still introduced in 14.2 features that work only in global table. This feature
> disparity between global and vrf is highly annoying. And I'm sure it adds
> development costs to consider these different things. Rather than pay one
> time
> cost to redesign the legacy code, vendors opt to pay for decades to support
> the old architecture which things they are different things.
> </rant>
> --
>   ++ytti
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
 This email has been scanned for email related threats and delivered safely by Mimecast.
 For more information please visit http://www.mimecast.com

More information about the juniper-nsp mailing list