Multivendor network development and automation from the industry expert. Only useful knowledge and skills.

Karneliuk

Inter-AS VPN Option-B between Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR

Anton KarneliukNetworking

Hello my friend,

After we have reviewed Seamless MPLS concept, it might be not so interesting to speak about BGP/MPLS IP VPNs again. Nevertheless, Inter-AS MPLS VPNs is a separate topic, which is very interesting and can add useful solutions to your network. Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR have these options for you.

1
2
3
4
5
No part of this blogpost could be reproduced, stored in a
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.

Brief overview

There are three options for inter-AS VPNs:

Inter-AS MPLS VPN option A is the easiest and the least scalable. There is no MPLS labels’ exchange between different autonomous systems. Instead of this, ASBR routers establish eBGP sessions on per VRF basis. If there are 100 clients that have inter-AS VPNs, then 100 eBGP sessions must be established between a pair of ASBR routers. So users traffic passes link between ASBRs as normal IP packets, which are completely unlabeled:

064_net_01_option_a

Inter-AS MPLS VPN option B has balance of scalability and integration of the networks. On the one hand, ASBRs in different autonomous system exchange MPLS labels, so careful consideration regarding policies and route filtering at ASBRs must be done. On the other hand, we have end-to-end MPLS LSP. In my opinion, it’s the best option for Inter-AS VPNs and I prefer to use it in the most of cases. It looks like as follows:

064_net_02_option_b

Inter-AS MPLS VPN option C is the most scalable solution. But it also requires the deepest integration of two ASes, because not only MPLS labels are exchanged between two services. There are also IP addresses (usually loopback or system) of PE routers, which build VPN, and BGP route reflectors. Take a look at the picture below:

064_net_03_option_c

Option A isn’t something specific and you can read article about usual BGP/MPLS IP VPN, where we were configuring MPLS VPN and BGP as PE-CE routing protocol. I won’t write separate article about it. Option B will be covered in this article and option C will be covered in the next article.

What are we going to test?

There are two options how we inter-AS MPLS VPN option B can be implemented. The first one is just it’s drawn at the image above. The second option is a little bit similar to Seamless MPLS and is used inside big network of one company, not between different companies. So we are going to test both of the solutions.

Topology

We are reverting back to the topology, which we have used previously:

030_net_02_phy

As I’m going to cover two cases, there will be two topologies. In general, they will be the same, but there still be some differences. That’s why I’m going to provide both of the separately. The first topology is as follows:

064_net_05_log

On the left side there is we have two Nokia (Alcatel-Lucent) SR OS routers SR1 and SR2, which represent the first service provider (ISP A) with autonomous system (AS) 65100. OSPF is configured as IGP there with announcement of loopbacks. SPRING (Segment Routing) is used for establishment of MPLS transport LSPs. Cisco IOS XR router XR3 solely represents another service provider (ISP B) with autonomous system (AS) 65200 and is connected to SR2. There is no dynamic routing between them.

Here you can find initial configuration files: linux_initial sr1_initial sr2_initial xr3_initial

Case 1 – BGP configuration for Inter-AS MPLS VPN option B

The main focus of the configuration in this article is BGP for service layer and partially for transport layer. Here is the scheme, how BGP will be configured between Nokia (Alcatel-Lucent SR OS routers in Cisco IOS XR router in order to establish Inter-AS MPLS VPN option B:

064_net_06_bgp_c1

Here is the configuration for this topology:

Nokia (Alcatel-Lucent) SR OS Cisco IOS XR
SR1 XR3

A:SR1>edit-cfg# candidate view
==============================
configure
router
autonomous-system 65100
bgp
next-hop-resolution
label-route-transport-tunnel
family vpn
resolution any
exit
exit
exit
group iBGP
next-hop-self
family vpn-ipv4 vpn-ipv6
peer-as 65100
local-address 10.0.255.11
neighbor 10.0.255.22
exit
exit
exit
exit
exit
==============================

RP/0/0/CPU0:XR3(config)#show conf
!
route-policy RP_PASS_ALL
pass
end-policy
!
router static
address-family ipv4 unicast
172.16.0.0/32 GigabitEthernet0/0/0/0.23
!
!
router bgp 65200
bgp router-id 172.16.255.33
mpls activate
interface GigabitEthernet0/0/0/0.23
!
bgp log neighbor changes detail
address-family vpnv4 unicast
!
address-family vpnv6 unicast
!
neighbor 172.16.0.0
remote-as 65100
address-family vpnv4 unicast
route-policy RP_PASS_ALL in
route-policy RP_PASS_ALL out
next-hop-self
!
address-family vpnv6 unicast
route-policy RP_PASS_ALL in
route-policy RP_PASS_ALL out
next-hop-self
!
!
!
end
SR2

A:SR2>edit-cfg# candidate view
==============================
configure
router
autonomous-system 65100
bgp
enable-inter-as-vpn
next-hop-resolution
label-route-transport-tunnel
family vpn
resolution any
exit
exit
exit
group iBGP
next-hop-self
family vpn-ipv4 vpn-ipv6
peer-as 65100
local-address 10.0.255.22
neighbor 10.0.255.11
exit
exit
group eBGP
next-hop-self
family vpn-ipv4 vpn-ipv6
peer-as 65200
neighbor 172.16.0.1
exit
exit
exit
exit
exit
==============================

Our main focus in the current configuration are routers SR2 and XR, because at SR1 we have simple configuration for BGP/MPLS IP VPN, which we have reviewed previously (link). At SR2 the main difference from intra-AS VPN is “enable-inter-as-vpn”, which activates possibility for inter-AS VPNs.

In Cisco IOS XR the main difference from intra-AS is activation of MPLS into BGP so that BGP VPNv4/VPNv6 labels (actually, service labels) are used for traffic forwarding as transport labels at this particular link. Static route at XR3 is needed for proper label allocation. (link)

Also what is worth to be mentioned is next-hop processing. By default in BGP, routers changes the next hop its IP address, when they send routes for eBGP neighbors, but retain original next-hop, when they send updates for iBGP neighbors. Don’t forget to change this behavior, so that next-hop is changed, when BGP updates are sent to iBGP neighbors.

Pay attention that we activate both VPNv4 and VPNv6 contexts in our inter-AS MPLS VPN option B.

The first check that we should perform is to assure that BGP is established in the necessary address family at Nokia (Alcatel-Lucent) SR OS router SR2 and Cisco IOS XR router XR3:

A:SR2# show router bgp summary
============================================================================
BGP Router ID:10.0.255.22      AS:65100       Local AS:65100
============================================================================
BGP Summary
============================================================================
Legend : D – Dynamic Neighbor
============================================================================
Neighbor
Description
.                  AS PktRcvd InQ  Up/Down   State|Rcv/Act/Sent (Addr Family)
.                     PktSent OutQ
—————————————————————————-
10.0.255.11
.               65100       4    0 00h00m53s 0/0/0 (VpnIPv4)
.                           4    0           0/0/0 (VpnIPv6)
172.16.0.1
.               65200       5    0 00h00m53s 0/0/0 (VpnIPv4)
.                           4    0           0/0/0 (VpnIPv6)
—————————————————————————–
!
!
RP/0/0/CPU0:XR3#show bgp vpnv4 unicast summary
Neighbor   Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down  St/PfxRcd
172.16.0.0   0 65100      20      26        1    0    0 00:02:15          0
!
!
RP/0/0/CPU0:XR3#show bgp vpnv6 unicast summary
Neighbor   Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down  St/PfxRcd
172.16.0.0   0 65100      21      27        1    0    0 00:02:50          0

The next step is to check MPLS forwarding plane between SR2 and XR3:

A:SR2# show router tunnel-table
============================================================================
IPv4 Tunnel Table (Router: Base)
============================================================================
Destination       Owner     Encap TunnelId  Pref     Nexthop        Metric
—————————————————————————-
10.0.255.11/32    ospf (0)  MPLS  524290    8        10.0.0.0       100
—————————————————————————-
Flags: B = BGP backup route available
.      E = inactive best-external BGP route
============================================================================
!
!
RP/0/0/CPU0:XR3# show mpls forwarding
Local  Outgoing    Prefix            Outgoing     Next Hop        Bytes
Label  Label       or ID             Interface                    Switched
—— ———– —————– ———— ————— ———-
24000  Pop         172.16.0.0/32     Gi0/0/0/0.23 172.16.0.0      5361

You see that at Nokia (Alcatel-Lucent) SR OS router SR2 you see only built MPLS LSP to SR1 because we have it based on SPRING information. There is no built MPLS LSP towards XR3, because there is no any LSP so far. Let’s change this.

The next step would be configuration of VPRN/VRF contexts for VPN service itself. This configuration is to be done at SR1 and XR3. At SR2 we aren’t going to configure anything.

Nokia (Alcatel-Lucent) SR OS Cisco IOS XR
SR1 XR3

A:SR1>edit-cfg# candidate view
==============================
configure
port 1/1/2
ethernet
mode access
encap-type dot1q
mtu 1518
exit
no shutdown
exit
service
customer 2 create
description INTER_AS_VPN
exit
vprn 65300 customer 2 create
route-distinguisher 10.0.255.22:65300
auto-bind-tunnel
resolution any
exit
vrf-target target:65000:65300
router-id 10.0.255.22
interface toCUST_ISP_1 create
address 192.168.1.1/24
ipv6
address fc00::192:168:1:1/112
exit
sap 1/1/2:101 create
exit
exit
no shutdown
exit
exit
exit
==============================

RP/0/0/CPU0:XR3(config)#show conf
vrf INTER_AS_VPN
address-family ipv4 unicast
import route-target
65000:65300
!
export route-target
65000:65300
!
!
address-family ipv6 unicast
import route-target
65000:65300
!
export route-target
65000:65300
!
!
!
interface GigabitEthernet0/0/0/0.102
vrf INTER_AS_VPN
ipv4 address 192.168.2.1 255.255.255.0
ipv6 address fc00::192:168:2:1/112
encapsulation dot1q 102
!
router bgp 65200
vrf INTER_AS_VPN
rd 172.16.255.33:65300
address-family ipv4 unicast
redistribute connected
!
address-family ipv6 unicast
redistribute connected
!
!
!
end

For more information about BGP/MPLS IP VPN configuration refer to the corresponding article.

As usual we start our checks from Nokia (Alcatel-Lucent) SR OS router, which in this case is SR1. The first check is to see, what we have in the routing table in VPRN 65300 for IPv4 and IPv6:

A:SR1# show router 65300 route-table ipv4
============================================================================
Route Table (Service: 65300)
============================================================================
Dest Prefix[Flags]                        Type    Proto     Age        Pref
.     Next Hop[Interface Name]                                 Metric
—————————————————————————-
192.168.1.0/24                            Local   Local     00h12m53s  0
.      toCUST_ISP_1                                            0
192.168.2.0/24                            Remote  BGP VPN   00h00m45s  170
.      10.0.255.22 (tunneled:SR-OSPF:0)                        0
—————————————————————————-
No. of Routes: 2
============================================================================
!
!
A:SR1# show router 65300 route-table ipv6
============================================================================
IPv6 Route Table (Service: 65300)
============================================================================
Dest Prefix[Flags]                        Type    Proto     Age        Pref
.     Next Hop[Interface Name]                                 Metric
—————————————————————————-
fc00::192:168:1:0/112                     Local   Local     00h11m39s  0
.     toCUST_ISP_1                                             0
fc00::192:168:2:0/112                     Remote  BGP VPN   00h01m17s  170
.     10.0.255.22 (tunneled:SR-OSPF:0)                         0
—————————————————————————-
No. of Routes: 2
============================================================================

You see that SR1 knows about prefixes learned from XR3, and they point to the next hop via SPRING MPLS LSP. The same next-hop is used both for IPv4 and IPv6. Here are the labels that are used at SR1 for those prefixes:

A:SR1# show router bgp routes vpn-ipv4 | match expression “Label|None|100”
.     Nexthop (Router)                                   Path-Id     Label
u*>?  172.16.255.33:65300:192.168.2.0/24                 100         0
.     10.0.255.22                                        None        262141
!
!
A:SR1# show router bgp routes vpn-ipv6 | match expression “Label|None|100”
.     Nexthop (Router)                                   Path-Id     Label
u*>?  172.16.255.33:65300:fc00::192:168:2:0/112          100         0
.     ::ffff:10.0.255.22                                 None        262140

Now let’s shift to SR2. Here we don’t have any VPRN configured, but still we have VPNv4/VPNv6 routes in BGP RIB:

A:SR2# show router bgp routes vpn-ipv4 | match expression “Label|None”
.     Nexthop (Router)                                   Path-Id     Label
*>i   10.0.255.22:65300:192.168.1.0/24                   100         None
.     10.0.255.11                                        None        262142
*>?   172.16.255.33:65300:192.168.2.0/24                 None        0
.     172.16.0.1                                         None        24001
!
!
A:SR2# show router bgp routes vpn-ipv6 | match expression “Label|None”
.     Nexthop (Router)                                   Path-Id     Label
*>i   10.0.255.22:65300:fc00::192:168:1:0/112            100         None
.     ::ffff:10.0.255.11                                 None        262142
*>?   172.16.255.33:65300:fc00::192:168:2:0/112          None        0
.     ::ffff:172.16.0.1                                  None        24002

The last point of check is Cisco IOS XR router XR3, where we can see its labels for MPLS service:

RP/0/0/CPU0:XR3#show bgp vpnv4 uni vrf INTER_AS_VPN labels
Status codes: s suppressed, d damped, h history, * valid, > best
.             i – internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i – IGP, e – EGP, ? – incomplete
.  Network            Next Hop        Rcvd Label      Local Label
Route Distinguisher: 172.16.255.33:65300 (default for vrf INTER_AS_VPN)
*> 192.168.1.0/24     172.16.0.0      262142          nolabel
*> 192.168.2.0/24     0.0.0.0         nolabel         24001
Processed 2 prefixes, 2 paths
!
!
RP/0/0/CPU0:XR3#show bgp vpnv6 uni vrf INTER_AS_VPN labels
Status codes: s suppressed, d damped, h history, * valid, > best
.             i – internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i – IGP, e – EGP, ? – incomplete
.  Network            Next Hop        Rcvd Label      Local Label
Route Distinguisher: 172.16.255.33:65300 (default for vrf INTER_AS_VPN)
*> fc00::192:168:1:0/112
.                     172.16.0.0      262142          nolabel
*> fc00::192:168:2:0/112
.                     ::              nolabel         24002
Processed 2 prefixes, 2 paths

Let’s make just a simple test, how traffic is delivered between SR1 and XR3:

A:SR1# ping router 65300 192.168.2.1 source 192.168.1.1 count 1
PING 192.168.2.1 56 data bytes
64 bytes from 192.168.2.1: icmp_seq=1 ttl=255 time=17.4ms.
—- 192.168.2.1 PING Statistics —-
1 packet transmitted, 1 packet received, 0.00% packet loss
round-trip min = 17.4ms, avg = 17.4ms, max = 17.4ms, stddev = 0.000ms

Let’s see what is happening behind the scene at the packet level. Here is the trace from WireShark:

064_net_07_c1_ipv4_test

Here is the explanation of the packet life for forward paths:

  • Initially packet is labeled with two labels: MPLS transport label delivered from SPRING and MPLS service label delivered from BGP.
  • At the next hop (SR2) transport label is popped and internal service label is swapped.
  • When XR3 receives this packet, it pops the only MPLS label and put the packet to the correct context.

At the backward path the actions are just opposite:

  • XR3 pushes the single label at the packet, when it sends it towards VRF at SR1.
  • SR2 swaps that label and adds additional MPLS label in order to reach SR1.
  • SR1 receives the packet with two MPLS labels, pops both of them and puts the packet into correct VPRN.

Here is the trace for IPv6:

A:SR1# ping router 65300 fc00::192:168:2:1 source fc00::192:168:1:1 count 1
PING fc00::192:168:2:1 56 data bytes
64 bytes from fc00::192:168:2:1: icmp_seq=1 ttl=255 time=17.4ms.
—- fc00::192:168:2:1 PING Statistics —-
1 packet transmitted, 1 packet received, 0.00% packet loss
round-trip min = 17.4ms, avg = 17.4ms, max = 17.4ms, stddev = 0.000ms

And Wireshark overview of that process:

064_net_08_c1_ipv6_test

Configuration files for the first case of Inter AS option B between Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR are here: sr1_case1_final sr2_case1_final xr3_case1_final

Case 2 – BGP configuration for Inter-AS MPLS VPN option B with MPLS LSPs in both domains

This variant of inter AS MPLS VPN Option B I’ve seen recently in one service provider’s network. Take a look at the image below:

064_net_09_bgp_c2

The main difference here is that BGP is used in service layer only. All the packets have separate transport label derived from LDP / RSVP-TE / SPRING or BGP-LU. What we are doing in our topology is some modification between SR2 and XR3:

  • link between SR2 and XR3, as well as loopback0 at XR3 is added to area 0.0.0.1;
  • SPRING is configured for this area as well;
  • eBGP between SR2 and XR3 is built using system/loopback0 interfaces (corresponding modification to BGP is done);

Let’s see, which configuration should be done to achieve this:

Nokia (Alcatel-Lucent) SR OS Cisco IOS XR
SR2 XR3

A:SR1>edit-cfg# candidate view
==============================
configure
router
ospf
area 0.0.0.1
interface toXR3
interface-type point-to-point
exit
exit
exit
bgp
group “eBGP”
no neighbor 172.16.0.1
local-address 10.0.255.22
multihop 255
neighbor 172.16.255.33
exit
exit
exit
exit
exit
==============================

RP/0/0/CPU0:XR3(config)#show conf
no router static
!
router ospf CORE
router-id 172.16.255.33
segment-routing mpls
segment-routing forwarding mpls
segment-routing sr-prefer
area 0.0.0.1
interface Loopback0
prefix-sid index 33
!
interface GigabitEthernet0/0/0/0.23
network point-to-point
!
!
!
router bgp 65200
no mpls activate
no neighbor 172.16.0.0
neighbor 10.0.255.22
remote-as 65100
ebgp-multihop 255
update-source Loopback0
address-family vpnv4 unicast
route-policy RP_PASS_ALL in
route-policy RP_PASS_ALL out
next-hop-self
!
address-family vpnv6 unicast
route-policy RP_PASS_ALL in
route-policy RP_PASS_ALL out
next-hop-self
!
!
!
end

What we are doing here at our Nokia (Alcatel-Lucent) SR OS router SR is just enabling OSPF and changing BGP, as SPRING is already activated there.

At Cisco IOS XR router XR3 we configure OSPF, enable SPRING and change BGP configuration. Also we remove previous static route and MPLS operation at interface under BGP context.

Don’t forget to add multihop option for eBGP session built between loopbacks.

Let’s check what we have in LFIB at our Nokia (Alcatel-Lucent) SR OS router SR2:

A:SR2# show router tunnel-table detail
============================================================================
Tunnel Table (Router: Base)
============================================================================
Destination      : 10.0.255.11/32
NextHop          : 10.0.0.0
Tunnel Flags     : exclude-for-igpshortcuts
Age              : 01h12m10s
CBF Classes      : (Not Specified)
Owner            : ospf (0)             Encap            : MPLS
Tunnel ID        : 524292               Preference       : 8
Tunnel Label     : 500011               Tunnel Metric    : 100
Tunnel MTU       : 1496                 Max Label Stack  : 1
—————————————————————————-
Destination      : 172.16.255.33/32
NextHop          : 172.16.0.1
Tunnel Flags     : exclude-for-igpshortcuts
Age              : 01h12m13s
CBF Classes      : (Not Specified)
Owner            : ospf (0)             Encap            : MPLS
Tunnel ID        : 524290               Preference       : 8
Tunnel Label     : 3                    Tunnel Metric    : 101
Tunnel MTU       : 1496                 Max Label Stack  : 1
—————————————————————————-
Number of tunnel-table entries          : 2
Number of tunnel-table entries with LFA : 0
============================================================================

You see that we have new MPLS LSP towards 172.16.255.33/32, what is IPv4 address of loopback0 interface at XR3. You might spot that label value is 3, what means “implicit-null” label. We have discussed this behavior previously during configuration of LDP, so we won’t discuss it again.

In Cisco IOS XR router XR3 we have the following LFIB:

RP/0/0/CPU0:XR3#show mpls forwarding
Local  Outgoing    Prefix             Outgoing     Next Hop        Bytes
Label  Label       or ID              Interface                    Switched
—— ———– —————— ———— ————— ———
16011  500011      No ID              Gi0/0/0/0.23 172.16.0.0      0
16022  500022      No ID              Gi0/0/0/0.23 172.16.0.0      12956
24001  Aggregate   INTER_AS_VPN: Per-VRF Aggr[V] \
.                                     INTER_AS_VPN                 440
24002  Aggregate   INTER_AS_VPN: Per-VRF Aggr[V] \
.                                     INTER_AS_VPN                 432
24003  Pop SR Adj (idx 0) Gi0/0/0/0.23 172.16.0.0 0

You see that MPLS labels, which are learned from SPRING, are installed there, so it means that data plane is established. Now we need to look at the next hop in BGP VPNv4/VPNv6 routes to be sure that is announced with IPv4 addresses, for which we have MPLS labels. There are no changes at SR1 or at SR2 in the direction of SR1, that’s why we need look at this information only at SR2 and XR3:

A:SR2# show router bgp routes vpn-ipv4
============================================================================
BGP Router ID:10.0.255.22 AS:65100 Local AS:65100
============================================================================
Legend –
Status codes : u – used, s – suppressed, h – history, d – decayed, * – valid
.              l – leaked, x – stale, > – best, b – backup, p – purge
Origin codes : i – IGP, e – EGP, ? – incomplete
============================================================================
BGP VPN-IPv4 Routes
============================================================================
Flag  Network                                          LocalPref   MED
.     Nexthop (Router)                                 Path-Id     Label
.     As-Path
—————————————————————————-
*>i   10.0.255.22:65300:192.168.1.0/24                 100         None
.     10.0.255.11                                      None        262143
.     No As-Path
*>?   172.16.255.33:65300:192.168.2.0/24               None        0
.     172.16.255.33                                    None        24001
.     65200
—————————————————————————-
Routes : 2
============================================================================
!
!
RP/0/0/CPU0:XR3# show bgp vpnv4 uni vrf INTER_AS_VPN
Status codes: s suppressed, d damped, h history, * valid, > best
.             i – internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i – IGP, e – EGP, ? – incomplete
.  Network            Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 172.16.255.33:65300 (default for vrf INTER_AS_VPN)
*> 192.168.1.0/24     10.0.255.22                            0 65100 i
*> 192.168.2.0/24     0.0.0.0                  0         32768 ?
Processed 2 prefixes, 2 paths

Well, it looks like we have enough topology information to test built VPN:

A:SR1# ping router 65300 192.168.2.1 source 192.168.1.1 count 1
PING 192.168.2.1 56 data bytes
64 bytes from 192.168.2.1: icmp_seq=1 ttl=255 time=16.3ms.
—- 192.168.2.1 PING Statistics —-
1 packet transmitted, 1 packet received, 0.00% packet loss
round-trip min = 16.3ms, avg = 16.3ms, max = 16.3ms, stddev = 0.000ms

It works, and it’s very good. But what is the difference comparing to the first case? The answer you can see, if you launch Wireshark to discover packet structure:

064_net_10_c2_ipv4_test

Due to PHP operation at XR3 you see no labels at the second line, but it’s this “implicit null” label. Nevertheless, on the backward path you see MPLS transport labels at both links. In the same time MPLS service label is also changed at SR2.

The basic rule described in “MPLS in the SDN era” says that new label is generated each time, when next-hop is changed. Remember it and you won’t have problems with understanding of MPLS label processing.

For IPv6 we have similar trace:

A:SR1# ping router 65300 fc00::192:168:2:1 source fc00::192:168:1:1 count 1
PING fc00::192:168:2:1 56 data bytes
64 bytes from fc00::192:168:2:1 icmp_seq=1 hlim=64 time=4.69ms.
—- fc00::192:168:2:1 PING Statistics —-
1 packet transmitted, 1 packet received, 0.00% packet loss
round-trip min = 4.69ms, avg = 4.69ms, max = 4.69ms, stddev = 0.000ms

064_net_11_c2_ipv6_test

Final configuration for the second case of inter AS MPLS VPN option B is here (as there were changes only at SR2 and XR3, I provide configuration files only for them): xr3_case2_final sr2_case2_final

Lessons learned

I’m was a little bit surprised, when I met the second case implemented in the network. On the one hand it looks nice and works in general well. But there is one drawback in its default operation. If you have all routers from AS 65200 being connected to ASBR router in AS 65100 (let’s assume that OSPF area 0.0.0.1 is access network or mobile backhaul and are 0.0.0.0 is core), by default you won’t have BGP routes from one router in AS 65200 at another router in the same AS due to AS_PATH path attribute. So you have to configure “as-override” and “next-hop-unchanged” at ASBR to fix it. But you should do it conditionally, because you still need to change next-hop for routes learned from AS 65100.

Conclusion

MPLS world is really huge and you have virtually endless possibilities to delivery service. There is no single right choice for all cases. Our job as network engineers and architects is to find the most suitable network solution that is able to deliver all necessary services, whereas being scalable, modular and flexible to cover upcoming challenges. MPLS is definitely platform for such solutions. And inter AS MPLS VPNs helps you to extend services beyond your network. Take care and good bye!

Support us






BR,

Anton Karneliuk

Anton Karneliuk

Anton Karneliuk. IT & Network Expert / Architect / Manager; Project Manager; Entrepreneur; 2x CCIE (RS/SP) #49412; MSc Telecommunications.

Leave a Reply

Comment as a guest.

Read Next

© 2024 Karneliuk

Sliding Sidebar