MPLS questions for Service provider

nshahrin
Level 1

Dear all,

1) Let's say a company subscribes to 128Kbps access (64Kbps CAR) at branches and 2Mbps (with 1Mbps CAR) at HQ. What is the best way to show/produce a report if they ask the service provider to show that they are really getting 64Kbps all the way from branch to HQ?

Does anyone here know about this? What are the best tools/software/router config required to fulfill this requirement?

2) MPLS uses IP. If the SP is attacked by DDoS, this will of course affect MPLS VPN traffic. How do you guys handle this type of question, or what solution are you using?

Thanks a lot.

--shahrin

4 Replies

gmarogi
Level 5

I have read that the security provided by MPLS VPN is equivalent to that provided by Frame Relay or ATM networks. I think DoS attacks in MPLS-based VPNs are difficult because the spoofed packets for the attack should enter the same interface to which the VRF of a customer is bound, for them to be forwarded to other sites of the customer. Since the customers are provided isolation based on separate VRFs, in the likelihood of a DoS attack, the attack is isolated only to a particular customer and other customers will not get affected.

romccallum
Level 4

Answer to 1. SPs like the one I work for use Concord for the kind of stats that you are looking for.

Answer to 2. The DoS attack is not just related to SPs. A customer for instance could have an internet connection hanging off one of their own routers. This then gets attacked and distributes the routes into the SP's PE router. Hence the WHOLE router is in deep crap as the routing table will increase dramatically. To avoid this happening you should be asked how many routes you have in your "normal" routing table. The SP will then allow you to advertise "normal"*10%. If you go above that limit then the link will be shut down. This has two effects - 1. It protects YOU against a DoS attack in the SP domain and 2. It protects the SP from a DoS attack in the customer's domain.

HTH

Hello again,

1) We have MPLS based on LDP in our network and no TE or L2VPN inside. We do have Concord v5.0 and vpnsc2.0. Is there a feature available in Concord itself for us to produce the report? Do you have more idea on how your network management team does it?

2) How does the SP monitor the increase in the routes and configure IOS to shut the link if it reaches the max value of routes? I never heard about this.

thanks buddy.

For your question 2) the following command in the address-family configuration is used:

neighbor (loopback address of the CE) maximum-prefix 500 90

This will tear down the session once it exceeds 90% of 500 (450).

neighbor (loopback address of the CE) maximum-prefix 500 90 warning-only

This version of the command enables warning message logging once it exceeds 90% of 500 (450).

Rohit
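
Added example, not part of the thread or from any poster: a Python sketch that triages PE syslog for the messages a maximum-prefix limit generates, so operations staff can see which CE neighbors approached or passed their configured limit. The sample lines are constructed, and the message layout is an assumption modelled on IOS %BGP-4-MAXPFX and %BGP-3-MAXPFXEXCEED output; adjust the regexes to what your platform logs.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the thread). The message layout is an
# assumption modelled on IOS %BGP-4-MAXPFX / %BGP-3-MAXPFXEXCEED messages.
SAMPLE_LOG = """\
Mar  1 10:00:01 pe1 %BGP-4-MAXPFX: No. of prefix received from 192.0.2.1 (afi 0) reaches 451, max 500
Mar  1 10:00:09 pe1 %BGP-4-MAXPFX: No. of prefix received from 192.0.2.1 (afi 0) reaches 480, max 500
Mar  1 10:00:15 pe1 %BGP-3-MAXPFXEXCEED: No. of prefix received from 192.0.2.1 (afi 0): 501 exceed limit 500
Mar  1 10:02:40 pe1 %BGP-4-MAXPFX: No. of prefix received from 192.0.2.9 (afi 0) reaches 46, max 50
Mar  1 10:03:00 pe1 %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
"""

WARN_RE = re.compile(r"%BGP-4-MAXPFX: .*? from (\S+) .*?reaches (\d+), max (\d+)")
EXCEED_RE = re.compile(r"%BGP-3-MAXPFXEXCEED: .*? from (\S+) .*?: (\d+) exceed limit (\d+)")

def summarize(log_text):
    """Return {neighbor: {"peak", "limit", "warnings", "exceeded"}} from syslog text."""
    peers = defaultdict(lambda: {"peak": 0, "limit": 0, "warnings": 0, "exceeded": False})
    for line in log_text.splitlines():
        warn, exceed = WARN_RE.search(line), EXCEED_RE.search(line)
        m = warn or exceed
        if not m:
            continue  # unrelated syslog line
        peer, count, limit = m.group(1), int(m.group(2)), int(m.group(3))
        entry = peers[peer]
        entry["peak"] = max(entry["peak"], count)
        entry["limit"] = limit
        if warn:
            entry["warnings"] += 1
        else:
            entry["exceeded"] = True
    return dict(peers)

def triage(summary):
    """Exceeded neighbors first, then warning-only ones, with peak as % of the limit."""
    rows = [(p, "EXCEEDED" if s["exceeded"] else "WARNING",
             round(100 * s["peak"] / max(s["limit"], 1))) for p, s in summary.items()]
    return sorted(rows, key=lambda r: (r[1] != "EXCEEDED", r[0]))

if __name__ == "__main__":
    for peer, status, pct in triage(summarize(SAMPLE_LOG)):
        print(f"{peer:15} {status:9} peak {pct}% of configured maximum-prefix")
```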