cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1488
Views
1
Helpful
2
Replies
mwandu
Beginner

LDP - Best practices

Hello,

we have just rolled an MPLS network as service provider and will soon  lunch services through it, to start with is l3vpn. I would like to find out what are the best practices for LDP setup such as would you recommend to have;

- MD5 passwords from the word go or it can done at later stage.

- what configuration tweaks do you reckon should be resolve before we can start adding clients to the network or what should my audit checklist be like to ensure I am putting out a network that meets operational best practice.

- our IGP is ISIS.

I will appreciate your invaluable advise.

Regards,

2 ACCEPTED SOLUTIONS

Accepted Solutions
Mohamed Sobair
Rising star

Hello,

Following is the best MPLS Practises:

1- The Use of LDP MD5 - Password Protection in your MPLS Network.

2- The Use of Route Reflectors for Scalability reasons.

3- The Use of Public AS Number within the MPLS Backbone, this helps you plan to be a Global MPLS Provider.

4- Redundancy at the Core is a Must, Redundancy at the Edge is Prefered.

5- Never Run LDP between Different MPLS Service Provider, its NOT a good Security Practise. Applicable for (Inter-AS) Architecture Approach.

6- The Best approach is to have the PE at each POP peers with two different P routers at the Core. If you Hvae Two PEs at each POP this would Provide fully redundant Edge Network.

7- Your Core Should be High End Series, I would advice with CRS , 12000 Or at Least ASR9K for Medium Service Providers, and 7600 can be installed at the Edge.

8- The Last Note Would be to try Avoiding (VRF - Route Leaking) as Much as possible. Design Your VRFs according to your Needs from the begining.

Good Luck,

Mohamed

View solution in original post

Ivan Krimmel
Rising star

Hi,

for LDP, I'd advise to run conditional label advertisement, and evaluate features like LDP Session Protection and LDP IGP Synchronization(ISIS supports it well).

MD5 authentication is a good thing certainly.

Regards,

Ivan.

View solution in original post

2 REPLIES 2
Mohamed Sobair
Rising star

Hello,

Following is the best MPLS Practises:

1- The Use of LDP MD5 - Password Protection in your MPLS Network.

2- The Use of Route Reflectors for Scalability reasons.

3- The Use of Public AS Number within the MPLS Backbone, this helps you plan to be a Global MPLS Provider.

4- Redundancy at the Core is a Must, Redundancy at the Edge is Prefered.

5- Never Run LDP between Different MPLS Service Provider, its NOT a good Security Practise. Applicable for (Inter-AS) Architecture Approach.

6- The Best approach is to have the PE at each POP peers with two different P routers at the Core. If you Hvae Two PEs at each POP this would Provide fully redundant Edge Network.

7- Your Core Should be High End Series, I would advice with CRS , 12000 Or at Least ASR9K for Medium Service Providers, and 7600 can be installed at the Edge.

8- The Last Note Would be to try Avoiding (VRF - Route Leaking) as Much as possible. Design Your VRFs according to your Needs from the begining.

Good Luck,

Mohamed

View solution in original post

Ivan Krimmel
Rising star

Hi,

for LDP, I'd advise to run conditional label advertisement, and evaluate features like LDP Session Protection and LDP IGP Synchronization(ISIS supports it well).

MD5 authentication is a good thing certainly.

Regards,

Ivan.

View solution in original post

Content for Community-Ad