The MPLS-OPS Archive

[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index][Thread Index][Author Index][Subject Index]

RE: "Hub and sopke" approach

From: Rajiv Asati <rajiva@cisco.com>
Date: Tue, 25 Mar 2003 23:24:31 -0500
Cc: <Marcel_TUIHANI/opt@OPT.PF>, <mpls-ops@mplsrc.com>
Resent-Date: Wed, 26 Mar 2003 00:36:42 -0500
To: "Christopher Young" <cyoung@juniper.net>
X-MIME-Autoconverted: from quoted-printable to 8bit by host.secure4-hosting.net id h2Q4Ohe21775
X-Sender: rajiva@dingdong.cisco.com


At 02:42 PM 3/24/2003, Christopher Young wrote:
>Marcel,
>
>At least in the Juniper JUNOS-ERX implementation once routes from the 2 CE 
>sites are put into the same vrf on the same PE (multihoming a customer to 
>the same PE, same vrf), they are readily accesible to each other unless 
>you put some form of filtering in place on the routing protocol run 
>between the vrf and CE. If the protocol from vrf to CE was bgp you could 
>try putting a prefix list in place towards the CE peers only allowing the 
>routes from the hub site to be advertised and therefore preventing the 2 
>CE's from learning that they are directly reachable via the vrf.

Constraining the routing information between CEs might not help, since PEs 
still have the best paths.
So when CE1 sends the packets (destined to CE2) to the attached PE, PE will 
do a FIB lookup and switch the packet directly to the attached CE2 without 
involving the hub-site. :(

In summary, I agree that sites connected to the same PE will talk to each 
other directly (avoiding the hub site), unless your second option is followed.


>The only other option I can think of would be to create another vrf for 
>the second CE (new export RT, same import RT) and terminate the second CE 
>in the new vrf.

This should work.


>As always I would test this in a lab first to ensure that it works 
>properly ;-)

;-)
Yup.

Cheers,
Rajiv



>Chris Young
>
>
>-----Original Message-----
>From: Marcel_TUIHANI/opt@OPT.PF [mailto:Marcel_TUIHANI/opt@OPT.PF]
>Sent: Monday, March 24, 2003 11:58 AM
>To: mpls-ops@mplsrc.com
>Subject: [MPLS-OPS]: "Hub and sopke" approach
>
>
>Can anyone give me one or, i may be several solution about "hub and sopke"
>configuration on Cisco equipement.
>Actually, I use on my MPLS/VPN network an "Hub and spoke" architecture.
>Sites linked on different PE can't communicate together. However, for sites
>linked on the same PE, it isn't  possible to prevent that they communicate
>directly.
>
>I would like to know, how implement an "Hub and spoke" architecture on the
>same PE.
>One site central and several distants sites.
>
>Marcel TUIHANI,
>Office des Postes et des Télécommunications
>Polynésie Française - TAHITI.
>
>
>-------
>The MPLS-OPS Mailing List
>Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
>Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
>
>-------
>The MPLS-OPS Mailing List
>Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
>Archive: http://www.mplsrc.com/mpls-ops_archive.shtml


-------
The MPLS-OPS Mailing List
Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
Archive: http://www.mplsrc.com/mpls-ops_archive.shtml

References:
- RE: "Hub and sopke" approach
  - From: "Christopher Young" <cyoung@juniper.net>