[j-nsp] Segment Routing Real World Deployment (was: VPC mc-lag)

Pavel Lunin plunin at gmail.com
Mon Jul 9 18:46:21 EDT 2018


> We run MPLS all the way into the access, on ASR920's. So pw's are
> end-to-end, and the Provisioning/NOC teams only need to look at the end
> boxes. I found the whole idea of centralized "gateways" in the core to be a
> bit clunky.
>


I have no doubt that you know how to run MPLS in the access smoothly.
However, choosing the right gear for this role has always been a hard job.
Those folks who chose Brocade CES some 5-7 years ago, where are they now?

The problem is that most real-world networkers have not enough
understanding of MPLS internals, or time, or both to check all those
hardware and software limits and rather look at the vendor's specs in terms
of "supported/not supported". This approach works _relatively_ well in many
cases like choosing a classic switch or a firewall or even an MX/ASR-like
full-feature PE. But for the MPLS in the access you need to tear the guts
out of your vendor, test everything yourself in all possible scenarios and
still be extremely suspicious about every single thing. Moreover a lot of
people have some commercial/political limits in choosing hardware.

So, while MPLS in the access looks like a good idea, and there are people
who manage to run it well, I know more failure than success stories.

> However p2p pseudo-wire service is a kind of rare thing these days. There
> are [quite a lot of] those poor folks who were never asked whether bridged
> L2 VPN (aka VPLS) is needed in the network they operate. They have not much
> choice.
>
>
> This is a number I'd like to, someday, actually qualify. When VPLS was the
> buzzword in 2009, everyone was jumping on to it. I'd like to know how many
> of those have continued with it, moved over to EVPN, moved to l3vpn, moved
> to plain-old Internet or moved to LDP-based p2p and p2mp solutions.
>

Good question, indeed. In my opinion there are still a lot of folks out
there who build DC networks with vPC, FEX, VirtualChassis, Fusion etc,
which is finally the old good VLANs in a vendor packaged black magic box.
Sooner or later those VLANs need to go across multiple sites. It's nearly
improbable that having such a design, you'll manage to build an
EVPN-VXLAN-hipster-buzz-based DCI. So VPLS is still their best friend. I've
seen some of them who understand that it's evil, and some who believe that
it's OK, both had no choice.

However my original point was rather about pseudo-wires than VPLS. I mean,
I don't see a lot of pseudo-wires in the wild. Mostly because PW is a kind
of hard to sell. Customers can be of two types: those who love Metro
Ethernet and those who don't. It's true for real customers, whose
requirements are amplified by the sales people, and internal infrastructure
folks.

Those who love L2 because "it's better and easier" usually don't know what
a pseudowire is. And they just don't care. "Like a switch" is what they are
looking for.

Those who avoid metro-ethernet just don't need pseudowires, certainly
automesh Kompella-style. L3VPN works well for them, or they buy L1 between
their routers, or go EVPN.

A pseudo-wire is a kind of side application in my experience, even though
technically it's simple and powerful. Not that it doesn't exist as a
commercial service, but mostly used for internal infrastructure needs on an
occasional basis.

So I tend to think, that if your business can make money out of
pseudo-wires, it's not about your network design, you are just lucky ;)


--
Pavel
