Is that possible to run MPLS over GETVPN? We have a customer having MPLS connectivity from a service provider and they want to run their own MPLS over the service provider MPLS. I found the implementation guide to run MPLS over DMVPN but not sure either the same is true for GETVPN. The reference documents are:
"Technically, you can only run MPLS over MPLS if the provider is offering Inter-AS option C or CsC services. What most customers end up doing is running MPLSoGRE where the tunnels are dynamically instantiated under an mGRE interface. The provider MPLS VPN only sees IP packets from the CE which is acting as the enterprise "PE".
Now that you are encapsulating MPLS in GRE packets, it is quite easy to encrypt the GRE packets across the provider core by simply applying a GET map on the CE's WAN interface. The policy can be 'permit ip any any' or more specifically defined as 'permit gre any any'. Since GET won't change the routing relationship, the MPLS VPN service provided by the carrier is very basic ... it simply provides routing between the GRE tunnel end-points. They will also need to provide routes for the CE (which are acting as Group Members) to reach a Key Server.
Stack looks like this:
Enterprise VPN Label
GET VPN IPSec
I still have following queries:
The proposed mGRE tunnel with MPLS will work fine for direct spoke to spoke communication?
Is there any limitation on the design with GETVPN over mGRE and MPLS?
IOS upgrade on asr9xx mandates rommon upgrades sometimes while they can be optional at other times. You may land up in unwanted situation if proper procedure is not followed during upgrades.
This article will include complete details about rommon ...
In some situation NCS560 RP become unresponsive after reload or powercycle.
In many deployments NCS560 far edge, deployment is large and human intervention should be kept at minimum
Engineering team have been working on a strategy to have functi...
In simple terms, 'Route Churn' is defined as the 'rate of change of prefixes'. Different XR versions across 4.x to 7.x have differing behavior & support for the BGP churn handling and some enhancements made from 6.5.3 onwards (listed in appendix) mak...
Prior to Cisco IOS XR Software Release 7.1.2, XR dual RP devices did not support file mirroring from active RP to standby RP. Administrators had to manually perform the task or use EEM scripts to sync files across active RP and stand...
Hi Everyone, Would like to extend my thanks in advance for anyone offering assistance. As the subject hints, anyone here know of a way to convert IOS configs to XR config? I seen and heard about SOX tool but i am unable to find it. I also tried ...