Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9297
Views
84
Helpful
14
Replies

BGP free core

jonathan johnson
Level 1
Level 1

‎05-27-2015 03:29 AM - edited ‎03-05-2019 01:33 AM

Hi,

I'm looking into the concept of a bgp free core when using mpls.  However, I'm having some difficulties understanding the configuration.

 

I understand that an IGP is used to distribute the loopbacks to each of the PE and P routers.

I also understand setting up BGP sessions between the PE routers.

 

Once the above is in place are all routes on the PE routes "automatically" learned by the other PE routers.

For example, if my PE router had a static route of 10.55.55.0/24 would all other PE routers now know about this, or would I need to redistribute static routes into BGP?

As far as connected IP's go would I also need to redistribute connected IP's into BGP for all other PE's to know about them?

Thanks in advance for any clarification on this.

Jonno  

Labels:
0 Helpful
14 Replies 14

vivek srivastava
Level 7
Level 7

‎05-27-2015 04:21 AM

Do you have plain MPLS or MPLS-VPN network ??

 

BGP is only required when you have have VPNs i.e. using VRFs. This type of BGP config is reffered as MP-BGP which carries each VRF (VPN) traffic from one PE to other PE via extended community.

If you have VRF and have a static route for that, then you need to use "redistribute static" in your "address-family ipv4 vrf <vrf name>" under BGP process of PE router.

If you dont have VRF then any way MP-BGP is not required at all, and you need to redistribute static into your core IGP process of the PE. Which in turns known by P router automatically via same IGP.

jonathan johnson
Level 1
Level 1
In response to vivek srivastava

‎05-27-2015 08:57 PM

Hi Vivek,

Yes, we do have some VPN's (layer 3), but the main motivation is to not have BGP on the P routers and restrict their knowledge of routes (reduce the routing table) so that CPU cycles aren't screwed up by routing updates etc.

Although, I guess we could go down the path of using OSPF across the network (we actually are now) and implement summarization to keep the route table small-ish.

Thanks,

Jonno

0 Helpful

a-gould
Level 1
Level 1
In response to vivek srivastava

‎08-08-2020 05:00 PM - edited ‎08-08-2020 05:02 PM

 
0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee

‎05-27-2015 04:26 AM

Jonathan,

With respect to BGP-free core when using MPLS, the BGP configuration on the PEs is absolutely oblivious to the MPLS in the core. In other words, you would configure BGP on your PEs totally ignoring the MPLS in the core. Nothing in the BGP configuration changes as the result. This also means that the rules for injecting a route into BGP and propagating it to other BGP neighbors are just the same. There is no added automatic just because you're doing MPLS and BGP-free core.

If you had a static route to 10.55.55.0/24 on one of your PEs, you would have to redistribute it into BGP to allow other PEs to know about it.

The basic idea of BGP-free core with MPLS is this: Have your core and your PEs as well run some IGP to know its own guts, so to speak. Furthermore, have your PEs run BGP to each other (if there are many of them, route reflectors can be used), and finally, have your network run MPLS.

Now, when a route from PE1 is learned on PE2, PE2 will know that to reach this route, packets must flow through PE1 as PE1 is going to be the BGP next hop. However, that next hop address is in fact PE1's loopback address that is advertised across your entire network thanks to the IGP, and because of MPLS and LDP, you know a label to it. So when PE2 recursively looks for a route toward PE1's loopback, it will come across its own next hop toward PE1 and the associated MPLS label. Therefore, PE2 imposes a label on that packet and sends it along its way. Routers in the core will forward this packet based on the MPLS label, and this label effectively traces a path from PE2 to PE1. The last router before PE1 removes this label and PE1 receives the packet in its native form as if the core was running BGP without MPLS. Thanks to all of this, however, your core does not need to know external routes because it never needs to deal with them - it deals with labeled packets instead. The only disadvantage occurs when a packet heading towards some external destination is received by an internal router. Because this internal router does not run BGP and does not know external networks, the only way for it is to follow a default route that is injected into core by one or more PEs. The packet will therefore travel to the nearest PE and because PEs run BGP, it will be forwarded from that PE along the proper path. This can result into potentially suboptimal routing if the nearest PE that got the packet thanks to the default route isn't on the best path toward the packet's real destination, but this is an acceptable compromise.

Feel welcome to ask further!

Best regards,
Peter

 

jonathan johnson
Level 1
Level 1
In response to Peter Paluch

‎05-27-2015 06:12 PM

Hi Peter,

Thanks for your thorough and detailed reply - it's helped a lot in filling in a few gaps in my understanding.

I will set this up in a lab with a view to moving it to a production network - but before doing that, this is the overall plan - can you advise if it's considered best/good practise and scalable?

1.  On the P and PE routers run OSPF and only advertise the loopback and mpls enabled interfaces with no redistribution into OSPF configured.

2.  Enable mpls on all interfaces that are in the data flow path (moving data between other mpls enabled routers)

3.  Establish BGP peers between each of the PE routers and redistribute connected and static routes.  

4.  Use router reflectors where required to reduce the need to config peers between all routers 

One concern I have is the convergence time for new hosts appearing in the BGP table - for example if a new DSL service comes online and their IP appears on a PE, the convergence time will be fairly slow when propagating the route to other PE's when compared to OSPF.

Or in the above scenario, would it be better to run OSPF throughout the network to distribute connected and static routes in OSPF and only use MPLS for layer 3 VPN's etc?

Thanks,

Jonno 

 

 

  

vivek srivastava
Level 7
Level 7
In response to jonathan johnson

‎05-27-2015 09:41 PM

I think below approch will be more systematic:

 

1. enable MPLS on PE-PE, PE-P and P-P interfaces as well as globaly on the router.

2. configure OSPF (prefer single are 0) on PE-PE, PE-P and P-P interfaces

3. Configure RR

4. Enable RR to PE peering

5. configure VRFs.

6. If Applicable, redistribute static or connected within "address-family ipv4 vrf <vrf name>" under BGP process of PE router

 

One concern I have is the convergence time for new hosts appearing in the BGP table - for example if a new DSL service comes online and their IP appears on a PE, the convergence time will be fairly slow when propagating the route to other PE's when compared to OSPF.

On Inital stage you have standard propogation delay. But later on you will not feel any convergence issues here as the core MPLS network works on label switching which is faster than the normal L3 routing. BGP is used to get the next-hop.

 

Or in the above scenario, would it be better to run OSPF throughout the network to distribute connected and static routes in OSPF and only use MPLS for layer 3 VPN's etc?

NO

 

Peter Paluch
Cisco Employee
Cisco Employee
In response to vivek srivastava

‎05-28-2015 01:06 AM

Hi Jon and Vivek,

Personally, I agree with most of Vivek's recommendations.

Vivek, the one thing I do not entirely agree with is your focused intention of introducing VPNs into Jon's network. I don't see a use case for that in Jon's network. You don't configure VPNs just for the sake of having VPNs, rather, you configure them to provide a specific service you know you need. At the present knowledge of Jon's network, I do not see how the introduction of MPLS L3 VPNs is going to simplify or streamline the configuration and operation, or solve a requirement that could not be met by other means.

Regarding the order of steps of introducing the changes into network, my preferred order would be:

  1. OSPF (neither BGP nor MPLS will operate without internal routing in place)
  2. MPLS (to have it running before BGP kick into action so that whatever routes BGP advertises, the path to the other PE's loopback is already labeled)
  3. BGP + RRs
  4. Route injection into BGP

One concern I have is the convergence time for new hosts appearing in the BGP table - for example if a new DSL service comes online and their IP appears on a PE, the convergence time will be fairly slow when propagating the route to other PE's when compared to OSPF.

I suppose you are talking about a DSL subscriber connecting and its /32 address being added to the routing table pointing to the appropriate Virtual-Access interface, right? Performing the redistribute connected in BGP could indeed take up to 60 seconds until the customer router is injected into BGP and advertised to its peers. A better approach is this:

  • Have your DSL customers get their IP addresses from a particular IP subnet, for example, 192.0.2.0/24
  • On the PE that serves these clients, configure the static route for this network, pointing to Null0:

    ip route 192.0.2.0 255.255.255.0 Null0
     
  • Now inject this route into the BGP using any appropriate method - a redistribute static can be used, or - in this case, as this is just a single network - the network 192.0.2.0 command would also be appropriate.

This approach has several advantages. First, you prevent BGP from experiencing route churn as DSL clients come and go, because instead of their individual IP addresses, you only advertise the entire subnet these clients can be covered with, and this subnet is stable. Second, this approach effectively summarizes the clients' addresses - instead of advertising hundreds of client IP addresses, you advertise just a single subnet. Third, this Null0 route makes sure that if any packets for non-existent clients arrive to your PE (for example, the DSL client has abruptly disconnected while packets are still pouring in for this client), they will be discarded right away instead of forwarding them through some different route, perhaps a default route, and causing a transient routing loop.

If you have multiple PEs serving DSL clients then each PE should use a unique subnet from which the clients get their IP addresses. This will allow you to extend the suggested approach to an arbitrary number of PEs, each of them advertising its own subnet from which client IPs are allocated.

Best regards,
Peter

vivek srivastava
Level 7
Level 7
In response to Peter Paluch

‎05-28-2015 01:13 AM

Hi Peter,

This came to my mind as well, and if you see my first post, I clearly asked that is there are any VPNs in the network or not ?? and got reply that there are some VPNs (layer 3).

 

Peter Paluch
Cisco Employee
Cisco Employee
In response to vivek srivastava

‎05-28-2015 01:15 AM

Hi Vivek,

Aaaah, yes, you're right. Sorry. I was focusing on explaining the principle of BGP-free core and I sort of neglected the mention of VPNs in Jonno's response (which was very fleeting, anyway).

Best regards,
Peter

0 Helpful

jonathan johnson
Level 1
Level 1
In response to Peter Paluch

‎05-28-2015 03:13 AM

Thank you both Peter and Vivek, your input has been excellent and has helped me get a better understanding and a clearer picture on how it all fits together in my scenario.

All the best,

Jonno. 

0 Helpful

Gabriel Farias
Level 1
Level 1
In response to Peter Paluch

‎07-12-2016 10:58 AM

Hi members,

My question seems to be an improvement over using the mpls-BGP-free core feature, my internet environment already uses the mpls-BGP-free core feature and be divided into EDGE-CORE-ACCESS, we have the demand to offer internet service based on IPv6 in addition to the current IPv4, my question is using the same reasoning, I can make this offer IPv6 without changing all my IGP CORE? ,i.e, only enabling address-family IPv6 in equipment EDGE  and ACCESS, I would need to have any other concerns? Let me know if my understanding be correct?

Regards

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to Gabriel Farias

‎07-22-2016 05:30 AM

Gabriel,

If I understand you correctly, you would like to offer IPv6 connectivity over a core network that runs IPv4+MPLS. Is that correct?

If so, there is a feature called 6PE that provides a nice way of enabling IPv6 services over IPv4-based MPLS network. There is quite a lot of articles out there that discuss this feature - I suggest you have a look:

http://nagendrakumar-nagendra.blogspot.sk/2010/11/6pe-ipv6-over-mpls.html

https://mpreath.wordpress.com/2011/07/05/6pe-configuration-with-cisco-ios/

http://www.firstdigest.com/2012/09/cisco-ipv6-over-ipv4-mpls-6pe/

Of course, feel welcome to ask further!

Best regards,
Peter

0 Helpful

Gabriel Farias
Level 1
Level 1
In response to Peter Paluch

‎08-03-2016 10:13 AM

Peter,
Your understanding is correct, thank you for the feedback, for now I will read the articles and delve on the issue.

Regards,

Gabriel Farias

0 Helpful

a-gould
Level 1
Level 1

‎08-08-2020 05:04 PM - edited ‎08-08-2020 05:05 PM

Yes you would need to redis static and connected routes into L3VPN at PE-edge routers

 

Interestingly, Juniper Junos automagically redistributes connected and static routes into an L3VPN, just another Juniper pleasant surprise as I’ve been learning and deploying Juniper in my networks

0 Helpful
Customers Also Viewed These Support Documents