The MPLS-OPS Archive[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index][Thread Index][Author Index][Subject Index] Re: REG: Filtering of MPLS VPN routes
Alok, At 04:00 PM 10/13/2002, alok wrote: >well yes.... > >for starters can u please tell me what ORF means? Outbound Route filtering, a feature that allows a BGP speaker to advertise to its BGP neighbors the outbound route filters neighbors should use. These filters are described in ORF entries, which are part of route-refresh message. Yes, it is actually a BGP capability that should be exchanged before the session comes UP. In a nutshell, ORF is a way to tell the neighbors that "hey, don't send me an update/prefix etc, since I don't need it". This helps to reduce unwanted routing updates. ORF for prefixes have been existing for quite-a-while as explained below: http://www.cisco.com/en/US/products/sw/iosswrel/ps1612/products_feature_guide09186a008008088c.html > and how does cisco carry out BGP updates for multiple VPNs? dont u use > route distinguishers? as >proposed in RFC2547 ? Of course. [ So VPNv4 address is RD:IPv4.And the MP-BGP update contains this VPNv4 address along with an extended-community RT.] Now in MPLS VPN context, ORF support gets extended to extcomm. (I don't know about the IETF draf for this one). I guess your Q is really: why RT, why not RD for ORF ? Having RD based ORF may defeat the purpose of extranet, since a PE might not have a certain VRF configured, but still accepting routes (from that VPN) into another VPN based on RT. Hope this helps. Cheers, Rajiv >----- Original Message ----- >From: Rajiv Asati <rajiva@cisco.com> >To: alok <alok.dube@apara.com> >Cc: Joseph Anthony <tonyjoe20002002@yahoo.co.in>; <rogerw@nordlink.com>; ><mpls-ops@mplsrc.com> >Sent: Monday, October 14, 2002 1:14 AM >Subject: Re: [MPLS-OPS]: REG: Filtering of MPLS VPN routes > > >Alok, > >At 10:29 AM 10/13/2002, alok wrote: > >have been following this thread for a while so ...as i started getting > >lost, i thought id ask a question.... > > > >wouldnt RRs be "per vrf based"? > >RR typically does not have any VRF configured. >Are you referring to any other implementation ? > > From my understanding, Joseph was referring to extcomm based filtering on >RR. Since he mentioned IOS CLI "bgp rr-group", I assumed he was referring >to Cisco's implementation. > >Cheers, >Rajiv > > >so in that case wudnt the vrf be assoicated with a "RD" flag...? > > > >how would ever spill over routes at all...i guess u mean "spill over > >routes of other VPNs".... then the answer is you wont coz the NLRIs have > >the RD field indicating which VPN the route belongs too.... > > > >so i doubt if u will ever need filters at all..... > >for this case...unless u want to block certain routes in the same VPN... > > > >unless cisco does something different from "RDs"...havent done MPLS VPNs > >on cisco but only junipers and zebra etc..so am not sure on this... > > > >-rgds > >Alok > >>----- Original Message ----- > >>From: <mailto:tonyjoe20002002@yahoo.co.in>Joseph Anthony > >>To: <mailto:rajiva@cisco.com>Rajiv Asati ; > >><mailto:rogerw@nordlink.com>rogerw@nordlink.com > >>Cc: <mailto:mpls-ops@mplsrc.com>mpls-ops@mplsrc.com > >>Sent: Saturday, October 12, 2002 8:23 PM > >>Subject: Re: [MPLS-OPS]: REG: Filtering of MPLS VPN routes > >> > >> Hi All, > >> > >>Thanks for all the inputs. I do have some questions in regard to > >>Route-Filtering pertaining to Route Reflectors configurations in an MPLS > >>VPN environment. Assuming the following scenario - > >> > >>Now while using Extended community based filtering by means of the ORF > >>for route filtering. My question is as follows - > >> > >>1. In a partitioned RR setup, should all the RR clients and RR server > >>have the extended community list and bgp-rr group configured on them, in > >>order to facilitate both outbound and inbound filtering (dynamic). > >> > >>Assuming I have 2 RR's, each servicing a set of VPN's. Now in a situation > >>in which an existing PE router suddenly needs to service a VPN, to which > >>it has not provided routes previously, I understand that we would need to > >>have the PE router establish an additional session to the other > >>Route-reflector, which is currently reflecting routes to its clients for > >>the particular VPN. This requires filtering to happen at the PE, wherein > >>the PE should not spill over unwanted VPN routes to either of the RR's. > >>Now while using Extended community based filtering by means of the ORF > >>for route filtering. My question is as follows - > >> > >>1. How would the same work here? Any sample config will be greatly > >>appreciated. > >> > >>Thanks in advance, > >> > >>Tony. > >> > >> > >> > >>Yahoo! Properties Special Buy, sell, rent...your flat, or even post an ad ------- The MPLS-OPS Mailing List Subscribe/Unsubscribe: http://www.mplsrc.com/mplsops.shtml Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
|
|