From: Brent Foster (jbrentfoster@yahoo.com)
Date: Mon Apr 03 2006 - 16:09:58 GMT-3
Olopade,
See this link...
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hmp_c/part20/mpbkias.htm
"If the IBGP neighbors are not configured with the
neighbor next-hop-self command, the next-hop address
does not get changed. ASBR2 must propagate a host
route for the EBGP peer through the IGP. To propagate
the EBGP VPN-IPv4 neighbor host route, use the
redistribute connected subnets command. The EBGP
VPN-IPv4 neighbor host route is automatically
installed in the routing table when the neighbor comes
up. This is essential to establish the label-switched
path between PE routers in different autonomous
systems."
--- Olopade Olorunloba <lolopade@ipnxnigeria.net>
wrote:
> Hello Arun,
>
> Thanks for the email, and I will like to say that I
> quite agree with a
> number of the things you said, but not all.
>
> First, like you said both solutions can work. So
> anyone can actually decide
> to use either.
>
> With respect to the two discussions.
>
> 1) CCIE Lab Requirement. I will like to agree with
> you on this point. Unless
> we are specifically allowed to configure extra
> loopbacks, the solution will
> not be permitted in the CCIE lab.
>
> 2) Best Practice. I will almost agree with you on
> the best practice except
> for the following points.
> a) Key to the solution is not the TE tunnel, but the
> ability to change
> advertised BGP next-hop address. Check my former
> mail where I gave an
> example of how to configure without use TE tunnels.
> b) I tried to configure the VPNV4 across physical
> interfaces, but I did
> not get any host routes. I therefore see this as a
> potential failure point.
> And if we have a potential failure point, can we
> talk about best practices
> (I'm interested in how you got the host route, if
> you have documentation on
> this I will appreciate it). Other than configuring
> an host route and
> redistributing it into the IGP, I'm not sure how
> else. Configuring a static
> route will however not be permitted in CCIE labs
> also.
> c) If the backup link transverses more than one
> router, then the whole
> solution breaks down. Hence the solution is not
> scalable because it does not
> allow for the introduction of an additional hop.
> d) I'm not sure about your point with reference to
> ASBR and Inter-AS
> setup.
>
> I will like to say again that the solution does not
> depend on TE. It is just
> that TE tunnels are the best way to manipulate
> traffic paths on a network.
> If the two PEs are directly connected, then the TE
> is really not needed, as
> there is no manipulation to be done on intermediate
> routers. However, if
> there are multiple intermediate routers on the
> backup link, then TE will be
> recommended, as against 2 static routes on each
> intermediate router.
>
>
>
> Like has been said, both solutions could work, but
> one solution (to me) has
> more failure points and also less scalable. In real
> life, I will go for a
> solution that works and is scalable. For the CCIE
> exam, I will read
> in-between the exam questions to know what they want
> me to configure.
>
>
> Hope you agree with some of these as well, and I
> will still appreciate your
> input with respect to the host route.
>
> Thanks
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com
> [mailto:nobody@groupstudy.com] On Behalf Of Arun
> Arumuganainar
> Sent: 03 April 2006 14:52
> To: Olopade Olorunloba; jbrentfoster@yahoo.com;
> ccielab@groupstudy.com;
> comserv@groupstudy.com
> Subject: Re: OT: how to filter out several VPNs from
> a MPLS backbone backup
> path
>
> Hi Olopde ,
>
> Pls. Note :To begin with , I tend to belive both
> solutions will work . But
> question is what suits us the best .
>
> Let us split this in two discussion . 1) Does it
> solve CCIE Lab requirement
> 2) Does this design inline with Cisco's best
> practices . I would like to
> discuss this one-by-one .
>
> CCIE Lan requirement :-
> ~~~~~~~~~~~~~~~~
> One of the important rule in CCIE Lab : DO not
> create any addtional
> interface and/or do not configure any additional
> address on any of the
> address unless you are asked to do this explicitely
> .
>
> If the question does not talk about additional
> loopback interface and
> associated ip-address ...you are assured of loosing
> the marks for this
> question ( Pls. do let me know if you have differing
> opinion ) .
>
> Cisco Best Practices- A discussion :-
> ~~~~~~~~~~~~~~~~~~~~~~~~
> As a matter of fact , TE is higly resource consuming
> . This is do for the
> following reason .
>
> 1 ) It maintains TE Topology database ( Needs more
> Memory )
> 2) It send out query through the path before it can
> bring up the tunnel (
> Takes time to get established )
> 3) It need to send RSVP refresh information and need
> to maintain RSVP states
> ( Requires Valuable processor resource and
> bandwidth) .
>
> Due to these factors ,this solution is very much
> undesirable in service
> provider environment . It is especialy so when you
> can easily do the same
> via other means that is simple and more elagant .
>
> Whats wrong with BGP Solution ( Problems with
> Physical address that use for
> peering ) .
> ~~~~~~~~~~~~~~~~~~~~~
> Yes you prefectly right !!! This problem does exists
> when you peer with
> physical address . However workaround does exists .
>
> When ever you create a bgp peering with physical
> interface and activate it
> for send-label ( Note : When you activate a peering
> for VPNV4 address family
> send-label is enabled by default ) ...then a
> connected /32 bit route is
> added to routing table for remote side peer address
> automatically . This is
> sample o/p that I have taken in my setup !!!
>
> Router1#sh ip route | i 172.16.16.
> C 172.16.16.6/32 is directly connected,
> Ethernet0/0.16
> C 172.16.16.0/24 is directly connected,
> Ethernet0/0.16
>
> Pls. Note : You can find that in addition to /24 you
> can also a find a
> connected /32 route added to the routing table .
>
> Our job is to simply redistribute this in to our IGP
> . Once this is done
> connectivity will not be a problem .
>
> Pls. note : You can refer to Inter-as VPN option 2
> with out Next-hop-self on
> the ASBR !!!
>
> Hope you will agree with my conclusions .
>
> Thanks and Regards
> Arun
> ----- Original Message -----
> From: "Olopade Olorunloba"
> <lolopade@ipnxnigeria.net>
> To: "'Arun Kumar Arumuganainar'"
> <aarumuga@hotmail.com>;
> <jbrentfoster@yahoo.com>; <ccielab@groupstudy.com>;
> <comserv@groupstudy.com>
> Sent: Saturday, April 01, 2006 2:45 AM
> Subject: RE: OT: how to filter out several VPNs from
> a MPLS backbone backup
> path
>
>
> > Hello Arun,
> >
> >
> >
>
=== message truncated ===
Brent Foster
jbrentfoster@yahoo.com
This archive was generated by hypermail 2.1.4 : Mon May 01 2006 - 11:41:56 GMT-3