The MPLS-OPS Archive

Cell Relay Retreat>MPLS-OPS Archive>month:2002-Oct> msg00071



[Date Prev][Date Next][Thread Prev][Thread Next]  
  [Date Index][Thread Index][Author Index][Subject Index]

Re: REG: Filtering of MPLS VPN routes

  • From: Rajiv Asati <rajiva@cisco.com>
  • Date: Sun, 13 Oct 2002 15:34:50 -0400
  • Cc: rogerw@nordlink.com, mpls-ops@mplsrc.com
  • Resent-Date: Sun, 13 Oct 2002 16:52:03 -0400
  • To: Joseph Anthony <tonyjoe20002002@yahoo.co.in>
  • X-Sender: rajiva@dingdong.cisco.com

Joseph,

Please see inline...

At 10:53 AM 10/12/2002, Joseph Anthony wrote:

>  Hi All,
>
>Thanks for all the inputs. I do have some questions in regard to 
>Route-Filtering pertaining to Route Reflectors configurations in an MPLS 
>VPN environment. Assuming the following scenario -
>
>Now while using Extended community based filtering by means of the ORF for 
>route filtering. My question is as follows -
>
>1. In a partitioned RR setup, should all the RR clients and RR server have 
>the extended community list and bgp-rr group configured on them, in order 
>to facilitate both outbound and inbound filtering (dynamic).

Without "bgp rr-group <extcomm>"  configuration on the RR, RR would 
typically accept all the VRF routes.
With "bgp rr-group <extcomm>", RR will accept VRF routes based on 
associated RT value(s).

In other words, RR employs inbound filtering.
{this configuration is applied only on the RR.}


>Assuming I have 2 RR's, each servicing a set of VPN's. Now in a situation 
>in which an existing PE router suddenly needs to service a VPN, to which 
>it has not provided routes previously, I understand that we would need to 
>have the PE router establish an additional session to the other 
>Route-reflector,

Not really. Setting up an additional session with RR is not required. PE 
should simply send the route-refresh message to the RR(s), and the RR 
should resend the update message to the PE.

>  which is currently reflecting routes to its clients for the particular 
> VPN. This requires filtering to happen at the PE, wherein the PE should 
> not spill over unwanted VPN routes to either of the RR's.

Agreed.
With rr-group (configured on the RR), it will be RR's job to discard routes 
with certain RT.

Without ORF, other filtering mechanisms are required at the PE (so as to 
avoid sending those routes to a certain RR).

>  Now while using Extended community based filtering by means of the ORF 
> for route filtering. My question is as follows -
>
>1. How would the same work here?

With ORF, PE will have a list of each RR's acceptable RTs, so PE will 
advertise prefix with acceptable RT to that RR.

>Any sample config will be greatly appreciated.

Since ORF is yet to be supported in IOS, there is no sample configuration. ;)

Please let me know if you have further Q.

Cheers,
Rajiv


>Thanks in advance,
>
>Tony.
>
>
>
>Yahoo! Properties Special Buy, sell, rent...your flat, or even post an ad

-------
The MPLS-OPS Mailing List
Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
Archive: http://www.mplsrc.com/mpls-ops_archive.shtml