Solved: Re: Implementing MPLS on Existing Infrastructure: Seeking Advice

blitzperf · ‎08-21-2023

Hello everyone!

I'm currently a part of a rapidly growing small ISP that primarily works with Cisco ASR routers, specifically the 1000 series along with a few 9000 series routers. As our company expands, we've decided to venture into offering MPLS services to some of our clients. Our team has been learning and studying basic configurations from various online documents and training resources.

Our current setup involves iBGP and OSPF for managing internet-side traffic. With the addition of MPLS, we've introduced a separate OSPF process exclusively for MPLS traffic while maintaining the original OSPF process for internet traffic.

My question is, given our existing setup, is it recommended for us to implement MPLS in this manner? Are there potential issues we should be prepared to address in the near future? Additionally, are there any aspects we should reconsider or best practices we might be missing before fully integrating MPLS into our infrastructure? Should we be reconsidering our approach or even contemplate a separate equipment/setup for MPLS?

One important note is that our team lacks an MPLS expert, and we haven't yet consulted with an expert on this matter. Our current understanding is solely based on online resources and documents.

I would greatly appreciate any insights, recommendations, or experiences you can share regarding implementing MPLS in a similar setup. Thank you in advance for your assistance!

Best regards,
Blitz

Giuseppe Larosa · ‎08-21-2023

Hello @blitzperf ,

>> Our current setup involves iBGP and OSPF for managing internet-side traffic. With the addition of MPLS, we've introduced a separate OSPF process exclusively for MPLS traffic while maintaining the original OSPF process for internet traffic.

The use of a second OSPF process adds complexity, that is not needed.

Be aware that for LDP MPLS label distribution you can configure MPLS LDP filtering to enable allocation of labels only for loopback addresses.

Also if you are going to give L3 VPN services to customers you may need to provide internet access to these services too.

The main factors to consider are:

you should avoid redistribution of iBGP routes into OSPF to minimize OSPF LS database. You need to deploy MP iBGP eveywhere using BGP route reflectors for multiple address families

ipv4 unicast vpnv4 , l2vpn , l2vpn evpn

You need to accomodate increased MTU on each MPLS enabled link mtu 1512 as a minimum to be able to accomodate

MPLS L3 VPN or MPLS L2 VPN

services. Current settings are 9000 bytes or more.

Changing the MTU impacts on OSPF causing OSPF adjacencies to be rebuilt but it is a necessary step.

Avoid to have

MPLS and non MPLS

paths with equal costs, because this can break connectivity for

MPLS L3 VPN or MPLS L2 VPN

services that are not able to travel on IP only paths.

This is another reason to have a single OSPF process .

Issues with MTU are typically seen when introducing MPLS in a network. You need to take care of increased MTU also on L2 LAN switches if they are on the path, tipycally this is done by enabling jumbo frames on them.

A current setup is to have at least mtu 9000 everywhere in order to avoid issues with L2 VPN services ( L2 traffic cannot be fragmented)

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎08-21-2023

Hello @blitzperf ,

>> Our current setup involves iBGP and OSPF for managing internet-side traffic. With the addition of MPLS, we've introduced a separate OSPF process exclusively for MPLS traffic while maintaining the original OSPF process for internet traffic.

The use of a second OSPF process adds complexity, that is not needed.

Be aware that for LDP MPLS label distribution you can configure MPLS LDP filtering to enable allocation of labels only for loopback addresses.

Also if you are going to give L3 VPN services to customers you may need to provide internet access to these services too.

The main factors to consider are:

you should avoid redistribution of iBGP routes into OSPF to minimize OSPF LS database. You need to deploy MP iBGP eveywhere using BGP route reflectors for multiple address families

ipv4 unicast vpnv4 , l2vpn , l2vpn evpn

You need to accomodate increased MTU on each MPLS enabled link mtu 1512 as a minimum to be able to accomodate

MPLS L3 VPN or MPLS L2 VPN

services. Current settings are 9000 bytes or more.

Changing the MTU impacts on OSPF causing OSPF adjacencies to be rebuilt but it is a necessary step.

Avoid to have

MPLS and non MPLS

paths with equal costs, because this can break connectivity for

MPLS L3 VPN or MPLS L2 VPN

services that are not able to travel on IP only paths.

This is another reason to have a single OSPF process .

Issues with MTU are typically seen when introducing MPLS in a network. You need to take care of increased MTU also on L2 LAN switches if they are on the path, tipycally this is done by enabling jumbo frames on them.

A current setup is to have at least mtu 9000 everywhere in order to avoid issues with L2 VPN services ( L2 traffic cannot be fragmented)

Hope to help

Giuseppe

blitzperf · ‎08-23-2023

Hello Giuseppe,

I apologize for my delayed reply.

We have successfully resolved the issue by configuring the MTU to 9000 on both the routers and L2 switches. This adjustment proved to be highly beneficial as we encountered problems with the default MTU.

Regarding the introduction of an additional OSPF process, we found it necessary due to the fact that not all of our routers are integrated into the OSPF framework. For instance, sites A, B, C, and D each possess routers. While routers C and D are linked to B and operate within OSPF, the connection between A and B is established solely through iBGP. This compelled us to implement a second OSPF process, enabling all the sites to be interconnected via MPLS.

Thank you for your assistance

Best regards,

Blitz