Welcome to the Cisco Networking Professionals Ask the Expert conversation. Discover how service providers are supplementing their L3VPN offering with multicast services by deploying Multicast VPN (mVPN) with Cisco expert Harold Ritter. Harold is a technical leader with the Cisco Advanced Services Central Engineering team. He is responsible for helping Cisco top-tier Service Provider customers to design, implement and troubleshoot routing protocols and multicast, for both IPv4 and IPv6, and MPLS solutions in their environment. He has been a network engineer for more than 14 years. Harold is a CCIE (#4168) for Routing & Switching and Service Provider.
Remember to use the rating system to let Harold know if you have received an adequate response.
Harold might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through April 18, 2008. Visit this forum often to view responses to your questions and the questions of other community members.
Can you pinpoint some of the good tutorials on the CISCO tech website to deploy an mvpn solution within as well as Inter_AS implementation for the same.
Also I would like to know from your viewpoint some white papers that would be good to understand and deploy this.
Thanks a lot,
I would like to know is it possible to preserve the von label in inter-as communication.
In its curent implementation, mVPN doesn't use MPLS to propagate multicast traffic from one PE to another and that is regardless whether it is deployed in a single AS or inter AS.
In the case of l3vpn Inter AS, it would be possible to preserve the vpn label from the egress PE in one AS to the ingress PE in the other by using option 10c.
Let me know if I understood your question correctly,
Here are a couple of links to mVPN technical resources from CCO:
Multicast Virtual Private Networks Concepts:
Multicast VPN Design Guide:
Configuring Multicast VPN Inter-AS Support:
I also posted the "Advances in IP Multicast" Networkers 2007 presentation, which covers some aspects of mVPN.
Let me know if you have any specific questions,
I was wondering, by having IP/MPLS backbone with BGP free core, how does multicast on L3VPN tackle the issue of RPF check?
Correct me if I'm wrong, in a native IP, all the routers, need to run global multicast, since everything runs on mpls, how does RPF check behave?
Thanks in advance.
When mVPN is deployed within the scope of a single AS, there is no issue as the RPF check has to be performed against the PE loopback address, which is part of the IGP.
When mVPN is deployed between different ASes and that PE addresses from respective ASes are not shared between each others, such as in interAS option 10b, then the solution is to use a feature called PIM RPF Vector.
For more information about this feature, please refer to the following URL:
Just to avoid the confusion. I mentionned that RPF check would require the RPF Vector feature when Inter AS option 10b is used but it will also be required if option 10c is used in a BGP free core context.
In order for me to protect my customers L3VPN multicast traffic from lsp path broken, what are the option available especially from PE to PE?
Is there are such for MPLS TE? From what I know, we can do based on class of services?
Is there a such QoS for multicast traffic?
In the context of Service Provider point of view, what is the best way in providing guarantee solution especially priority customers that needs IPv4/IPv6 Multicast L3VPN?
Appreciate your input and insight .
mVPN is currently not implemented using MPLS, so we can't really talk about LSP protection. It is rather implemented using point to multipoint GRE tunnels from each PE to all other PEs servicing the same VRF.
In this context, the best way to recover from any failure in the core is to implement IP fast convergence, which will affect the multicast convergence time as well. It is reasonable to reach sub second convergence time in this context.
Let me know if you have any other questions,
I want to ask you how to configur and manage a pix 501(ver 6.3) with cisco vms 2.3
The security section would be more appropriate to get an answer for this question.
I would like to know about GET VPN key server redundancy.Can you give any configuration examples for failover in the sense of key server.
I think your question would be more suitable for the Security section of NetPro.
- Can you recommend a good reference book/url/group for the design and deployment of IPTV services over an mVPN infrastructure? (Carrier/Service Provider level)
- Will the 7600 be the right choice for such deployment or are there any other recommended platform? (Carrier/Service Provider level)
The 7600 is definitely the right platform for that kind of deployment. Most IPTV deployments I have seen so far are based on that platform.
As far as references are concerned, I have nothing specifically for IPTV over mVPN but here are a few links:
Delivering Video Quality in Your IPTV Deployment:
IPTV Solutions for Wireline Carriers:
CISCO 7600 ROUTER: RESILIENCE AND AVAILABILITY
FOR VIDEO DEPLOYMENTS:
Multicast VPN Troubleshooting Guide:
for IPTV (and beyond):