Route-Distinguisher and Route-Target Again

vdadlaney · ‎10-18-2004

Hi, I am still trying to grasp the concept of the rotue-target and the route-distinguisher and had a couple of questions.

I understand that the Route-Distinguisher is basically used to allow overlapping address space between different customers in MBGP.

The Route Target is used to import prefixes into the customer routing table from MBGP.

However what I am not able to understand or maybe not grasp is why this cannot be done on the Route-Distinguisher. The addresses already have a identifier on them making them unique and coming from a particular customer. So why not just use the route-distinguisher and based on that value allow the route into the customer's vrf who has the same route-distinguisher.

Now there could be a scenario where a site may belong to the same customer but may have different connectivity requirements. I would figure that in that scenario than based on the Route-Distinguisher it would be impossible to filter because all the sites of the customer have the same RD. That leads me to another question which is that say we have 2 customers A and B and they have 2 sites each in San Francisco and in New York. Now is it that the VRF which is defined on the PE router in New York will have the same RD. Say RD for Customer A is 123:10 and the RD for Customer B is 123:20. For eg: will Customer A will it be 123:10 in NY and SF. Can they be different? What is the recommended value that should be assigned to the Rd.

I think I may have asked quite a few questions and i apologize if I am not clear. Appreciate the help. Thx

Harold Ritter · ‎10-18-2004

You are right by saying that conceptually you could do without the route-target and in a lot of cases people use the same value for the route-target and route distinguisher.

The two have been decoupled to allow more flexibility.

The RD for customers belonging to the same VPN doesn't need to be the same on all PE routers. In some scenarios, such as load-balancing it might even be required to have different RDs.

For instance, tet's say you have a site connected to two different PEs and you want incoming traffic to be loadshared between these two PEs. If you used the same RD on both PEs and that you have route reflectors in the core (which is usually the case), the RRs would receive an update for that site from both PEs (which would be the same VPNv4 route because of the same RD + ipv4) would select the best path and pass it to the other PEs in the network. Traffic to that site would then not be loadshared.

On the other hand, if you used a different RD, the RRs would receive two different VPNv4 prefixes and reflect them both to the other PEs, which would then be able to import them both in the appropriate VRF therefore providing loadsharing.

Let me know if I have not covered all your questions.

Hope this helps,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

vdadlaney · ‎10-18-2004

Hi Harold,

Thanks for your reply. I am not quite sure how traffic would be load shared as I do not have a good understanding of this yet. I would assume that since the RD distinguishes the prefixes then it would assume that they are from separate customers and hence would never load balance but i guess when you say import that would have something to do with the Route-Targets right? and that's how load balancing would work?

On the RD's again.

Would the RD's for the same customer be different for different sites. Is that best practice? What I mean is would the RD for Customer A be different on a PE in san francisco than on a PE in New York or would it be the same across all the PE's? Thanks for your help.

Harold Ritter · ‎10-18-2004

That is correct. The import would be done according to the route-target as always. So in this case particular case, the RDs would be different but the route-target would be the same across all the VRFs belonging to the same VPN.

As far as your second question is concern, I have seen a majority of SPs using a different RD per VRF per PE. So in this case I would call it best practice. And yes, RD for customer A in San Fran would be different than RD for customer A in NY. The common denominator would be the route-target, whic would be the same for customer across the board.

Hope this helps,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

vdadlaney · ‎10-19-2004

Hi Harold,

Usually the RD and the RT have the same values. But as per what you said the RD would be different in NY and in SF. Than the RT would be different. I have seen configs where the RD are the same on different PE for the same VPN. Is that possible? I would think so since using the same ip subnet in one VPN isn't possible anyways it would really not matter what the RD would be. Am I right? Thanks

Harold Ritter · ‎10-19-2004

In the scenario I was previously describing, the RD would be different on each PE but the RT the same. Yes, it is possible to have the same RD on all PEs for the same VPN. The only restriction is not to use the same RD for different VPNs since that could cause overlapping issues.

Hope this helps,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

vdadlaney · ‎10-26-2004

Hi Harold,

Is the Route Distinguisher local to a router. Hence say if I were to use the same RD on a different PE router would it still cause issues between different customers who are defined on other PE routers. Thx

vdadlaney · ‎10-26-2004

Hi again,

Thinking back the RD is assigned in the MBGP update so I guess that negates my previous question.

Going back to your comment that different providers have used a different rd per vrf per PE than in that case how is it determined that its for the same customer VPN? Thx

Harold Ritter · ‎10-26-2004

This is the role of the route-target.

Hope this helps,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

Nataliya Omelyanyuk · ‎02-08-2012

Hi,

let me explain the concept in more details.

Route distinguishers are used exclusively to make address unique - to differ it from each other.

Export route targets - it's like a tag you attach to each network prefix to specify to which service it belongs.

Import route target helps you to specify, to which particular network prefix (and therefore, service associated) you want provide access from particular vrf.

For example:

ip vrf 111

route-target export 111:1

route target import 111:1

route-target import 111:2

In this case all routes from vrf 111 will be sent out with route-target 111:1 ;

in vrf 111 will be imported routes with route-target 111:1 and route-target 111:2 (independently of route-distinguishers!!!)

To ensure reachability between 2 VRFs you need have export route-target in one as import in ither and vice versa.

Please find below link where you can find very comprehensive example of so-called "central services MPLS VPN" - when central site has full connectivity to all branches, and every branch has connectivity to central site only - but not to other branches. All this is organized based on RT

http://etutorials.org/Networking/MPLS+VPN+Architectures/Part+2+MPLS-based+Virtual+Private+Networks/Chapter+11.+Advanced+MPLS+VPN+Topologies/Central+Services+Topology/

BR,

Nataliya.

Peter Paluch · ‎02-08-2012

Hi everyone,

I've also tried to give an explanation in this thread:

https://supportforums.cisco.com/thread/2102281

Best regards,

Peter

Ivan Krimmel · ‎02-08-2012

I still bet on Luc's MPLS Fundamentals :)

Peter Paluch · ‎02-08-2012

Ivan,

No argument on that one But even so, we can try to reach even the level of such experts as Luc, can't we?

Best regards,

Peter

Sumanta Ghosh · ‎07-22-2017

Hello Harold

I hope multiple RD types are allowed in same IOS XR as per RFC4364.

Neighbor 10.x.y.y uses e-BGP (labelled e-BGP) type 0 ASN and neighbor 10.y.z.z uses i-BGP (on LDP) type 1 ASN.

Both peerings are on same ASR 9K in global VRF.

Regards,

Sumanta.