From: Scott Morris (smorris@ipexpert.com)
Date: Thu Jan 31 2008 - 17:08:01 ARST
If you are not doing Inter-AS MPLS VPNs, it may be in your better interest
to go with the IPv4+RD version there. But there's lots of different things
to look at, including (but not limited to) how much of a pain in the butt
it'll be to redo things that are already in place.
That's the crappy part about expanding business! While making extra money
and having more going on is good, eventually we all reach points where we
realize that decisions made a long time ago (which seemed like a good idea
at the time) are no longer functional!
But you're right, voice guys don't quite have the appreciation for things
like this. :) (I'm hoping that Mark Snow, one of our Voice & Security guys
will pick up on this just so he can abuse me back!) But at the same time,
most IP guys can't design a good dial plan to save their lives... So it's
all a tradeoff!
If it's just YOUR MPLS network though, you can use private addresses without
difficulty, and even a private AS. The problems occur when you end up
needing to peer with another AS and/or exchange information with them.
HTH,
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE-M
#153, JNCIS-ER, CISSP, et al.
CCSI/JNCI-M/JNCI-ER
VP - Technical Training - IPexpert, Inc.
IPexpert Sr. Technical Instructor
A Cisco Learning Partner - We Accept Learning Credits!
Telephone: +1.810.326.1444
Fax: +1.810.454.0130
http://www.ipexpert.com
_____
From: Gabriel Nunes [mailto:gabriel.nunes@gmail.com]
Sent: Thursday, January 31, 2008 11:56 AM
To: smorris@ipexpert.com
Cc: Cisco certification
Subject: Re: Public or Private AS
Thanks Scott,
You caught my point. What we have here is different and makes part of the
evolution. We are used with backbones which already had a BGP configured and
was migrated to MPLS, or we have ISP's that already had BGP configured as
well.
Now we have a mobile phone provider wishing to extended its services to the
corporative world. They will firstly lauch a Voice solution called "Class
5". It is a CPE connected to a IP PABX, and this CPE will talk SIP with the
Softswitch and RTP with the Media gateways.
Once they have an CPE on the customer house they will attack the VPN
service, and they already have a power MPLS for this.
So this is new, mainly for the Engineering which has Voice experts and not
IP experts. This is why I have to prove them the need of an Public AS on the
backbone.
I have raised the following points and I sent this e-mail to the group in
order to check if anyone knows any other strong impact. I think they are
seeing this as a "flexibility point". The points are:
- Avoid routing issues with customers that wish to stablish BGP session with
the CE. The private AS may overlap with some AS configured on the customer
network or with some other Service Provider which the customer may be
connected.
- The VPNv4 address, is built by IPv4 + RD (Route Distinguer). The structure
of this value can be either ASN:nn or IP-address:nn. It is recommended to
use ASN:nn with an Autonomous System Number (ASN) that is assigned by the
Internet Assigned Numbers Authority (IANA) so that it is unique between
service providers. when the MPLS/VPN network uses a private AS number it is
recommended to use the IP-address:nn format only but the VPN-IPv4 addresses
are propagated beyond the private AS (for example, when exchanging VPN
routes between different service providers). Because the customers who use
the routes contained within the VRF also can attach to other MPLS/VPN
service providers, it is important to use the ASN of the service provider as
the first two bytes of the route distinguisher format to avoid using the
same VPN-IPv4 addresses in separate MPLS/VPN domains.
- The mandatory use of a public address on the PE-CE meshing and CE Loopback
(management). would belong to some ISP, which means that the network will be
dependent of this ISP as there will be no workaround to change all the
addressing in the future.
If the mobile phone provider wishes to become an ISP in the future. The
private AS will influence on the internet VPN provisioning.
Thanks you all. If you have any other suggestion...
Gabriel Nunes CCIE#17737
On Jan 31, 2008 1:29 PM, Scott Morris <smorris@ipexpert.com> wrote:
I suppose that depends on who you are going to peer with and what their AS
numbers are.
While public AS numbers are good because you have a relative guarantee of no
overlap, it's not always necessary. As a mobile phone provider, I'm having
a hard time visualizing who you would peer with that would not be a public
AS already. (e.g. real ISPs and not end customers)
But otherwise, situations like these are why we have exciting technologies
such as BGP Confederations or the Local-AS command set!
If you're worried about overlap on AS numbers, don't pick the obvious ones!
Most docs have 64512-64519 or 65000-65009 in them. Don't use those. Pick
something like 64739 or some weird number like that and your chances of
overlap are statistically reduced.
Cheers,
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE-M
#153, JNCIS-ER, CISSP, et al.
CCSI/JNCI-M/JNCI-ER
VP - Technical Training - IPexpert, Inc.
IPexpert Sr. Technical Instructor
A Cisco Learning Partner - We Accept Learning Credits!
Telephone: +1.810.326.1444
Fax: +1.810.454.0130
http://www.ipexpert.com <http://www.ipexpert.com/>
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Gabriel Nunes
Sent: Wednesday, January 30, 2008 9:20 AM
To: Cisco certification
Subject: Public or Private AS
Hi Experts!
I work for a mobile phone provider which is intending to provide VPN MPLS
service that require the use of MP-BGP protocol into the backbone MPLS.
The question is regarding the AS number to use in the backbone. I believe
that they need to configure a public AS instead of a private AS to avoid
some kind of overlapping issues with the customer, and BGP AS-Path issues as
well.
I'd like to hear from your side the key technical points to justify the use
of a public AS in the backbone for this service. Any?
Thanks,
Gabriel Nunes CCIE#17737
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:47 ARST