07-26-2012 02:01 PM
Hello,
we have just rolled an MPLS network as service provider and will soon lunch services through it, to start with is l3vpn. I would like to find out what are the best practices for LDP setup such as would you recommend to have;
- MD5 passwords from the word go or it can done at later stage.
- what configuration tweaks do you reckon should be resolve before we can start adding clients to the network or what should my audit checklist be like to ensure I am putting out a network that meets operational best practice.
- our IGP is ISIS.
I will appreciate your invaluable advise.
Regards,
Solved! Go to Solution.
07-26-2012 02:32 PM
Hello,
Following is the best MPLS Practises:
1- The Use of LDP MD5 - Password Protection in your MPLS Network.
2- The Use of Route Reflectors for Scalability reasons.
3- The Use of Public AS Number within the MPLS Backbone, this helps you plan to be a Global MPLS Provider.
4- Redundancy at the Core is a Must, Redundancy at the Edge is Prefered.
5- Never Run LDP between Different MPLS Service Provider, its NOT a good Security Practise. Applicable for (Inter-AS) Architecture Approach.
6- The Best approach is to have the PE at each POP peers with two different P routers at the Core. If you Hvae Two PEs at each POP this would Provide fully redundant Edge Network.
7- Your Core Should be High End Series, I would advice with CRS , 12000 Or at Least ASR9K for Medium Service Providers, and 7600 can be installed at the Edge.
8- The Last Note Would be to try Avoiding (VRF - Route Leaking) as Much as possible. Design Your VRFs according to your Needs from the begining.
Good Luck,
Mohamed
07-26-2012 02:39 PM
Hi,
for LDP, I'd advise to run conditional label advertisement, and evaluate features like LDP Session Protection and LDP IGP Synchronization(ISIS supports it well).
MD5 authentication is a good thing certainly.
Regards,
Ivan.
07-26-2012 02:32 PM
Hello,
Following is the best MPLS Practises:
1- The Use of LDP MD5 - Password Protection in your MPLS Network.
2- The Use of Route Reflectors for Scalability reasons.
3- The Use of Public AS Number within the MPLS Backbone, this helps you plan to be a Global MPLS Provider.
4- Redundancy at the Core is a Must, Redundancy at the Edge is Prefered.
5- Never Run LDP between Different MPLS Service Provider, its NOT a good Security Practise. Applicable for (Inter-AS) Architecture Approach.
6- The Best approach is to have the PE at each POP peers with two different P routers at the Core. If you Hvae Two PEs at each POP this would Provide fully redundant Edge Network.
7- Your Core Should be High End Series, I would advice with CRS , 12000 Or at Least ASR9K for Medium Service Providers, and 7600 can be installed at the Edge.
8- The Last Note Would be to try Avoiding (VRF - Route Leaking) as Much as possible. Design Your VRFs according to your Needs from the begining.
Good Luck,
Mohamed
07-26-2012 02:39 PM
Hi,
for LDP, I'd advise to run conditional label advertisement, and evaluate features like LDP Session Protection and LDP IGP Synchronization(ISIS supports it well).
MD5 authentication is a good thing certainly.
Regards,
Ivan.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide