[j-nsp] L3VPN/RR/PE on Same router

Mark Tinka mark.tinka at seacom.mu
Fri Aug 17 01:06:22 EDT 2018



On 16/Aug/18 17:15, adamv0025 at netconsultings.com wrote:

> Yes a good practice is to separate internet routes from internal/services
> l3vpn routes onto separate BGP control planes (different sessions at least)
> so that malformed bgp msg will affect just one part of your overall BGP
> infrastructure.

I see you've been giving this advice for quite some time now.

We've been running all address families on the same RR's (different
sessions, obviously, but same hardware) for almost 5 years. The only
reason sessions have gone down is due to hardware problems. It didn't
disrupt services because there are always 2 RR's, but we haven't seen an
outage due to protocol problems in one address family spilling over into
other address families.

Of course, I see your concern, but from our own experience over several
years, I've not seen this issue.

I mention this because introducing this kind of separation is onerous.

Mark.


More information about the juniper-nsp mailing list