The MPLS-OPS Archive

Cell Relay Retreat>MPLS-OPS Archive>month:2002-Oct> msg00078



[Date Prev][Date Next][Thread Prev][Thread Next]  
  [Date Index][Thread Index][Author Index][Subject Index]

Re: REG: Filtering of MPLS VPN routes

  • From: Rajiv Asati <rajiva@cisco.com>
  • Date: Mon, 14 Oct 2002 09:55:45 -0400
  • Cc: "Joseph Anthony" <tonyjoe20002002@yahoo.co.in>, <rogerw@nordlink.com>, <mpls-ops@mplsrc.com>
  • Resent-Date: Mon, 14 Oct 2002 11:04:53 -0400
  • To: "alok" <alok.dube@apara.com>
  • X-Sender: rajiva@dingdong.cisco.com

Alok,

At 03:42 AM 10/14/2002, alok wrote:
>Hi Rajiv,
>
>RTs are defined in the same RC2547,

Used in 2547.
Actually another draft  defines extended communities such as RT.


>i was generally wondering as to why they are ever used... i mean we cud use
>communities itslef...why write a whole new attribute?

Std community is a 4-byte field, whereas Ext community is a 8-byte field.
The Extended Community Attribute provides two important enhancements over 
the existing BGP Community Attribute:

       - It provides an extended range, ensuring that communities can be
         assigned for a plethora of uses, without fear of overlap.

       - The addition of a Type field provides structure for the
         community space.


>I guess one way of seeing it is "when i want to distribute routes across
>VPNs" ..

When you want to build an extranet.

Rajiv


>would appreciate any help here...if someone could clarify this...
>
>-rgds
>Alok
>
>
>
>
>----- Original Message -----
>From: Rajiv Asati <rajiva@cisco.com>
>To: alok <alok.dube@apara.com>
>Cc: Joseph Anthony <tonyjoe20002002@yahoo.co.in>; <rogerw@nordlink.com>;
><mpls-ops@mplsrc.com>
>Sent: Monday, October 14, 2002 2:56 AM
>Subject: Re: [MPLS-OPS]: REG: Filtering of MPLS VPN routes
>
>
>Alok,
>
>At 04:00 PM 10/13/2002, alok wrote:
> >well yes....
> >
> >for starters can u please tell me what ORF means?
>
>Outbound Route filtering, a feature that allows a BGP speaker to advertise
>to its BGP neighbors the outbound route filters neighbors should use. These
>filters are described in ORF entries, which are part of route-refresh
>message.
>Yes, it is actually a BGP capability that should be exchanged before the
>session comes UP.
>
>In a nutshell, ORF is a way to tell the neighbors that "hey, don't send me
>an update/prefix etc, since I don't need it".
>This helps to reduce unwanted routing updates.
>
>ORF for prefixes have been existing for quite-a-while as explained below:
>http://www.cisco.com/en/US/products/sw/iosswrel/ps1612/products_feature_guid
>e09186a008008088c.html
>
> >  and how does cisco carry out BGP updates for multiple VPNs? dont u use
> > route distinguishers? as
> >proposed in RFC2547 ?
>
>Of course.
>[ So VPNv4 address is RD:IPv4.And the MP-BGP update contains this VPNv4
>address along with an extended-community RT.]
>
>
>Now in MPLS VPN context, ORF support gets extended to extcomm. (I don't
>know about the IETF draf for this one).
>
>I guess your Q is really: why RT, why not RD for ORF ?
>Having RD based ORF may defeat the purpose of extranet, since a PE might
>not have a certain VRF configured, but still accepting routes (from that
>VPN) into another VPN based on RT.
>
>Hope this helps.
>Cheers,
>Rajiv
>
>
>
>
> >----- Original Message -----
> >From: Rajiv Asati <rajiva@cisco.com>
> >To: alok <alok.dube@apara.com>
> >Cc: Joseph Anthony <tonyjoe20002002@yahoo.co.in>; <rogerw@nordlink.com>;
> ><mpls-ops@mplsrc.com>
> >Sent: Monday, October 14, 2002 1:14 AM
> >Subject: Re: [MPLS-OPS]: REG: Filtering of MPLS VPN routes
> >
> >
> >Alok,
> >
> >At 10:29 AM 10/13/2002, alok wrote:
> > >have been following this thread for a while so ...as i started getting
> > >lost, i thought id ask a question....
> > >
> > >wouldnt RRs be "per vrf based"?
> >
> >RR typically does not have any VRF configured.
> >Are you referring to any other implementation ?
> >
> >  From my understanding,  Joseph was referring to extcomm based filtering
>on
> >RR. Since he mentioned IOS CLI "bgp rr-group", I assumed he was referring
> >to Cisco's implementation.
> >
> >Cheers,
> >Rajiv
> >
> > >so in that case wudnt the vrf be assoicated with a "RD" flag...?
> > >
> > >how would ever spill over routes at all...i guess u mean "spill over
> > >routes of other VPNs".... then the answer is you wont coz the NLRIs have
> > >the RD field indicating which VPN the route belongs too....
> > >
> > >so i doubt if u will ever need filters at all.....
> > >for this case...unless u want to block certain routes in the same VPN...
> > >
> > >unless cisco does something different from "RDs"...havent done MPLS VPNs
> > >on cisco but only junipers and zebra etc..so am not sure on this...
> > >
> > >-rgds
> > >Alok
> > >>----- Original Message -----
> > >>From: <mailto:tonyjoe20002002@yahoo.co.in>Joseph Anthony
> > >>To: <mailto:rajiva@cisco.com>Rajiv Asati ;
> > >><mailto:rogerw@nordlink.com>rogerw@nordlink.com
> > >>Cc: <mailto:mpls-ops@mplsrc.com>mpls-ops@mplsrc.com
> > >>Sent: Saturday, October 12, 2002 8:23 PM
> > >>Subject: Re: [MPLS-OPS]: REG: Filtering of MPLS VPN routes
> > >>
> > >>  Hi All,
> > >>
> > >>Thanks for all the inputs. I do have some questions in regard to
> > >>Route-Filtering pertaining to Route Reflectors configurations in an MPLS
> > >>VPN environment. Assuming the following scenario -
> > >>
> > >>Now while using Extended community based filtering by means of the ORF
> > >>for route filtering. My question is as follows -
> > >>
> > >>1. In a partitioned RR setup, should all the RR clients and RR server
> > >>have the extended community list and bgp-rr group configured on them, in
> > >>order to facilitate both outbound and inbound filtering (dynamic).
> > >>
> > >>Assuming I have 2 RR's, each servicing a set of VPN's. Now in a
>situation
> > >>in which an existing PE router suddenly needs to service a VPN, to which
> > >>it has not provided routes previously, I understand that we would need
>to
> > >>have the PE router establish an additional session to the other
> > >>Route-reflector, which is currently reflecting routes to its clients for
> > >>the particular VPN. This requires filtering to happen at the PE, wherein
> > >>the PE should not spill over unwanted VPN routes to either of the RR's.
> > >>Now while using Extended community based filtering by means of the ORF
> > >>for route filtering. My question is as follows -
> > >>
> > >>1. How would the same work here? Any sample config will be greatly
> > >>appreciated.
> > >>
> > >>Thanks in advance,
> > >>
> > >>Tony.
> > >>
> > >>
> > >>
> > >>Yahoo! Properties Special Buy, sell, rent...your flat, or even post an
>ad
>
>-------
>The MPLS-OPS Mailing List
>Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
>Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
>
>
>
>-------
>The MPLS-OPS Mailing List
>Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
>Archive: http://www.mplsrc.com/mpls-ops_archive.shtml

-------
The MPLS-OPS Mailing List
Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
Archive: http://www.mplsrc.com/mpls-ops_archive.shtml