Random MPLS/VPN Q&A

I got a long list of MPLS-related follow-up questions from one of the attendees of my Enterprise MPLS/VPN Deployment webinar (register for a live session or buy a recording) and thought it might be a good idea to share them (and the answers) with you.

You said that the golden rule in simple VPN topologies is RD = export RT = import RT. Are there any other “generic rules”? How would you setup this RD&RT association for hub&spoke VPN scenario?

Common services VPN topologies could be implemented in two ways (on top of existing simple VPN topology):

  • Low-touch scenario: Dedicated RD for common services VRF, customer import/export RT added to the common services VRF.
  • Scalable scenario: Dedicated RD for common services, asymmetric per-CS import/export RT (described here).

There are at least two ways to implement hub&spoke topology: the truly complex one described in my MPLS/VPN Architectures book and a slightly simpler one where the hub site advertises the default route to all spokes. In both cases you need two asymmetrical route targets (export RT for spokes imported into hub, export RT for hub imported into spokes) and unique RD for each VRF.

A reader of your blog said he uses L2TPv3 instead of LDP for MPLS implementation. Is this is similar to GRE encapsulation technique?

L2TPv3 is a pseudowire (and thus VPLS) transport option, not MPLS/VPN one. You could, in theory, run MPLS over L2TPv3 pseudowire, but let’s not go there.

I have heard about different label methods allocation? How can I know on one particular device what method is used (per platform/per interface)?

Most devices do per-platform allocation. LC-ATM (thankfully already obsolete) used per-interface label allocation. Per-platform allocation is mandatory for features that are not interface-specific like MPLS/VPN.

Is LDP/IGP synchronization only available on OSPF and ISIS?

Yes. Although it wouldn’t be hard to implement it with EIGRP (using cost-adjusting tricks similar to the OSPF case), EIGRP is rarely used in MPLS networks as it cannot support dynamic traffic engineering tunnels (you can only build explicit tunnels across EIGRP networks).

How can I see the labels assigned to VPNv4 prefixes?

Option#1: show bgp vpnv4 unicast (all | rd value | vrf name) prefix

Option#2: show bgp vpnv4 unicast (all | rd value | vrf name) labels

How would you integrate Internet service with MPLS? I know there are at least two methods: transport Internet routes over the MPLS VPN or use a dedicated interface/subinterface?

It depends on what you’re trying to do, what the deployment scenario is, whether you need full BGP routing (in which case I would never use Internet-in-a-VPN) or not, whether you feel comfortable mixing your Internet traffic with your enterprise traffic (if not, use dedicated (sub)interface for Internet) ... The MPLS/VPN Architectures books as well as “Definitive MPLS Network Designs” from Jim Guichard describe most of the options.

1 comment:

  1. Thank you for sharing this with others, too!

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.