Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2020
Views
1
Helpful
2
Replies

LDP - Best practices

Go to solution
mwandu
Level 1
Level 1

‎07-26-2012 02:01 PM

Hello,

we have just rolled an MPLS network as service provider and will soon  lunch services through it, to start with is l3vpn. I would like to find out what are the best practices for LDP setup such as would you recommend to have;

- MD5 passwords from the word go or it can done at later stage.

- what configuration tweaks do you reckon should be resolve before we can start adding clients to the network or what should my audit checklist be like to ensure I am putting out a network that meets operational best practice.

- our IGP is ISIS.

I will appreciate your invaluable advise.

Regards,

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Mohamed Sobair
Level 7
Level 7

‎07-26-2012 02:32 PM

Hello,

Following is the best MPLS Practises:

1- The Use of LDP MD5 - Password Protection in your MPLS Network.

2- The Use of Route Reflectors for Scalability reasons.

3- The Use of Public AS Number within the MPLS Backbone, this helps you plan to be a Global MPLS Provider.

4- Redundancy at the Core is a Must, Redundancy at the Edge is Prefered.

5- Never Run LDP between Different MPLS Service Provider, its NOT a good Security Practise. Applicable for (Inter-AS) Architecture Approach.

6- The Best approach is to have the PE at each POP peers with two different P routers at the Core. If you Hvae Two PEs at each POP this would Provide fully redundant Edge Network.

7- Your Core Should be High End Series, I would advice with CRS , 12000 Or at Least ASR9K for Medium Service Providers, and 7600 can be installed at the Edge.

8- The Last Note Would be to try Avoiding (VRF - Route Leaking) as Much as possible. Design Your VRFs according to your Needs from the begining.

Good Luck,

Mohamed

View solution in original post

Go to solution
Ivan Krimmel
Level 7
Level 7

‎07-26-2012 02:39 PM

Hi,

for LDP, I'd advise to run conditional label advertisement, and evaluate features like LDP Session Protection and LDP IGP Synchronization(ISIS supports it well).

MD5 authentication is a good thing certainly.

Regards,

Ivan.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Mohamed Sobair
Level 7
Level 7

‎07-26-2012 02:32 PM

Hello,

Following is the best MPLS Practises:

1- The Use of LDP MD5 - Password Protection in your MPLS Network.

2- The Use of Route Reflectors for Scalability reasons.

3- The Use of Public AS Number within the MPLS Backbone, this helps you plan to be a Global MPLS Provider.

4- Redundancy at the Core is a Must, Redundancy at the Edge is Prefered.

5- Never Run LDP between Different MPLS Service Provider, its NOT a good Security Practise. Applicable for (Inter-AS) Architecture Approach.

6- The Best approach is to have the PE at each POP peers with two different P routers at the Core. If you Hvae Two PEs at each POP this would Provide fully redundant Edge Network.

7- Your Core Should be High End Series, I would advice with CRS , 12000 Or at Least ASR9K for Medium Service Providers, and 7600 can be installed at the Edge.

8- The Last Note Would be to try Avoiding (VRF - Route Leaking) as Much as possible. Design Your VRFs according to your Needs from the begining.

Good Luck,

Mohamed

Go to solution
Ivan Krimmel
Level 7
Level 7

‎07-26-2012 02:39 PM

Hi,

for LDP, I'd advise to run conditional label advertisement, and evaluate features like LDP Session Protection and LDP IGP Synchronization(ISIS supports it well).

MD5 authentication is a good thing certainly.

Regards,

Ivan.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents