Option A, 2 PE pair per Provider, Redundancy

Unanswered Question
Oct 15th, 2008
User Badges:
  • Bronze, 100 points or more

Hi All,


Requesting suggestions for the following scenario, let's say we have 2 service providers (SP) offering MPLS VPNs through Option A (Back to Back VRF).


These SPs are connecting through two PE/ASBRs each, like SP As, PE_A1 and PE_A2 and SP Bs, PE_B1 and PE_B2.


PE_A1 is connected to PE_B1 and PE_A2 is connected to PE_B2, this configuration is to offer PE redundancy.


I am thinking of having HSRP between these different PEs. But reckon there has to be a better way to do this.


Any suggestions?


Thanks


Cheers

~sultan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
mheusing Thu, 10/16/2008 - 07:33
User Badges:
  • Cisco Employee,

Hi Sultan,


HSRP would require static routes and this will not scale that well, as you need to update the ASBR(s) each time the customer introduces a new network into one VRF.

Using eBGP as "PE-CE" protocol will give you the redundancy required with the control desired. Per VRF the design can be that of a redundant internet access for an enterprise customer, as the other side is seen like a CE. BGP is built for primary/backup scenarios, so local preference could be used.


Essentially your design question can be rephrased to: How do I offer redundant MPLS VPN access to a customer?

The answer typically will be eBGP or OSPF.

Both protocols have their pros and cons, so a more detailed look into requirements would help to decide for either one.


Hope this helps!


Regards,

Martin

sultan-shaikh Mon, 10/20/2008 - 00:21
User Badges:
  • Bronze, 100 points or more

Hi Martin,


Many thanks for your response.


I agree with you and stand corrected. So if I am using eBGP between my and other Provider PEs, should I consider BGP local-preference attribute?


Are there any potential issues I might have to deal with here?


The reason for my paranoia is because I will be doing this directly in the production network without the benefit of vetting this in a Lab.


Thanks


Cheers,

~sultan

mheusing Mon, 10/20/2008 - 03:26
User Badges:
  • Cisco Employee,

Hi Sultan,


You seem to like challenges and thrilling changes ;-)

Well,


I guess what might also be interesting to you: "MPLS VPN - Inter-AS Option AB"

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_vpn_ias_optab.html


With this option you have VRF back-to-back, but only 1 MP-BGP session between ASBRs.


Gernerally potential issues are similar to a normal PE-CE situation

- protection from too many routes

- scalability in general

- PE security

- There was something I saw about BGP router-ID being the same for different VRFs and issues arising from this, but can neither remember the details nor find the reference.


Hope this helps!


Regards,

Martin

sultan-shaikh Wed, 10/29/2008 - 23:04
User Badges:
  • Bronze, 100 points or more

Hi Martin,


Thanks for your valuable suggestions and sorry for my delayed response.


I will definitely consider option B as suggested by you, for the time being I have already implemented the previous option and it is looking good so far. The plan is to migrate to option B as we scale further.


Thanking you once again for your helpful comments.


Cheers

~sultan


Actions

This Discussion