Option A, 2 PE pair per Provider, Redundancy

Unanswered Question
Oct 15th, 2008

Hi All,

Requesting suggestions for the following scenario, let's say we have 2 service providers (SP) offering MPLS VPNs through Option A (Back to Back VRF).

These SPs are connecting through two PE/ASBRs each, like SP As, PE_A1 and PE_A2 and SP Bs, PE_B1 and PE_B2.

PE_A1 is connected to PE_B1 and PE_A2 is connected to PE_B2, this configuration is to offer PE redundancy.

I am thinking of having HSRP between these different PEs. But reckon there has to be a better way to do this.

Any suggestions?

Thanks

Cheers

~sultan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
mheusing Thu, 10/16/2008 - 07:33

Hi Sultan,

HSRP would require static routes and this will not scale that well, as you need to update the ASBR(s) each time the customer introduces a new network into one VRF.

Using eBGP as "PE-CE" protocol will give you the redundancy required with the control desired. Per VRF the design can be that of a redundant internet access for an enterprise customer, as the other side is seen like a CE. BGP is built for primary/backup scenarios, so local preference could be used.

Essentially your design question can be rephrased to: How do I offer redundant MPLS VPN access to a customer?

The answer typically will be eBGP or OSPF.

Both protocols have their pros and cons, so a more detailed look into requirements would help to decide for either one.

Hope this helps!

Regards,

Martin

sultan-shaikh Mon, 10/20/2008 - 00:21

Hi Martin,

Many thanks for your response.

I agree with you and stand corrected. So if I am using eBGP between my and other Provider PEs, should I consider BGP local-preference attribute?

Are there any potential issues I might have to deal with here?

The reason for my paranoia is because I will be doing this directly in the production network without the benefit of vetting this in a Lab.

Thanks

Cheers,

~sultan

mheusing Mon, 10/20/2008 - 03:26

Hi Sultan,

You seem to like challenges and thrilling changes ;-)

Well,

I guess what might also be interesting to you: "MPLS VPN - Inter-AS Option AB"

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_vpn_ias_optab.html

With this option you have VRF back-to-back, but only 1 MP-BGP session between ASBRs.

Gernerally potential issues are similar to a normal PE-CE situation

- protection from too many routes

- scalability in general

- PE security

- There was something I saw about BGP router-ID being the same for different VRFs and issues arising from this, but can neither remember the details nor find the reference.

Hope this helps!

Regards,

Martin

sultan-shaikh Wed, 10/29/2008 - 23:04

Hi Martin,

Thanks for your valuable suggestions and sorry for my delayed response.

I will definitely consider option B as suggested by you, for the time being I have already implemented the previous option and it is looking good so far. The plan is to migrate to option B as we scale further.

Thanking you once again for your helpful comments.

Cheers

~sultan

Actions

This Discussion