Re: MPLS Route Targets

Paul Negron @ 25/08/2010 0:23 -0300 dixit:
> All,
>
> I have once again proved that RD's do NOT have to match under ANY
> conditions.

Paul,
I don't disagree with this. Even if they don't match, selection of path
will be carried on by BGP policy.

Let's put this straight, i.e., what I'm saying here:

(1) RDs are to enable MP-BGP to carry multiple sets of routes without
mixing them.

(2) As long as two routes have a different RD, BGP will not try to get
the best one, it will just keep them both as different routes

(3) I was under the impresion that the selection of the route to be
imported into a vrf could be carried out by a different mechanism, when
in fact it is not.

(4) Nevertheless, route behaviour may be forced different in certain
cases depending on RDs being the same or not the same.

>
> I would like to explain it this way.
>
> You want to think of the RD's as BGP's way of seeing an interface. Since
> EVERY prefix that leaves the interface will receive the very same RD, this
> allows BGP to maintain separation from other interfaces that apply a
> different RD.
>
> (This is not how it exactly works in the above sentence, it is just a better
> visual)

Hmmm.

>
> They are treated like different prefixes between RD's while the route is a
> VPNv4 route (96 bit address).

Right.

>
> Once the prefix terminates to the other side, the routes moving from one
> direction have nothing to do with the routes moving in the other direction
> in BGP, only that they don't overlap with all 96 bits (tunnels are
> unidirectional). That is why it is important that the RD not identify the
> VPN. The Route-Targets do. When they are imported, they are seen as existing
> in 2 different RD structures at the same time.

Oops. This is one way of using the scheme.
But BGP certainly does not create tunnels by default. This is a
consequence of creating different RDs for every VRF instance at every
different PE.

And RTs do not identify in the sense of identity. They are tags to
recognize which routes you are be interested in from the others.
RDs on the other hand, are part of the identity, that's why different
RDs do not mix!

>
> Even if the the same route comes from 2 different PE routers with 2
> different RD's configured, they are still viewed by BGP as 2 different sets
> of prefixes that need to kept separate throughout the BGP domain. However,
> BGP attributes will be sent across this tunnel from one CE to the other. You

This is key to our difference here: You say "even", I say "only".
It seems like you refuse to consider what happens in the case where you
assign the same RD to two different VRF instances!

(5) All I'm saying is that if RDs are the same, a network in both VRFs
will be considered *the same network* by BGP even before reaching the
final PE and thus BGP route selection policy will take place even in
transit.

(6) That being the case, the selection might be based on a different
policy, because it might take place at a different router.

> I Have the final configuration in Dynamips that proves this and will gladly
> unicast it to anyone who asks. You can test the attribute theory by shutting
> down the primary link.

And I have the dynamips (actually dynagen) file that proves this too.

>
> I have already given Carlos his complimentary copy for his role in helping
> with the discussion.
>
> Paul

Thank you Paul, but what happened here is that we, I guess, were talking
about different things.
I do disagree though in that part where you say I was talking nonsense :(

-Carlos

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net