
MPLS WAN

irfansbp76
Level 1

If we have 50 sites on MPLS and the MPLS provider is running BGP on the CE router, which routing protocol should we use on the LAN side, and why? Can we use BGP on the LAN side? Can we ask the MPLS provider to run OSPF on the CE router?

Appreciate your help.

Irfan


Reza Sharifi
Hall of Fame

They most likely will not run OSPF with CEs. In most cases, the providers run only BGP or static with their customers, but you can always run OSPF internally.

HTH

Joseph W. Doherty
Hall of Fame

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

What routing protocol to use on your LAN?  Whatever seems the most suitable, considering the needs of your LAN topology and what your equipment supports.

Can you use BGP on the LAN side?  Possibly, although other IGPs are usually better choices.

Can you ask the MPLS provider to run OSPF on the CE?  Sure, you can ask.  Whether they can, or are willing, are usually better questions.  (Sometimes you can run OSPF across a MPLS WAN too, might require VPN tunnels, though.)

irfansbp76
Level 1

@Joseph and Reza, thanks for your replies.

 

@Joseph, you are saying the service provider can run OSPF between the CE and PE router if using MPLS-VPN. Can we use OSPF in area 0 for 50 sites?

My second question is: if we decide to run BGP only on the LAN side (BGP running between CE-PE), how can we create the neighbor relationship and advertise routes into our LAN?

Much appreciated. Thanks.

 

Posting

As Reza has noted, odds are the MPLS provider would not want to run OSPF, except possibly between the CE and your router (it's not clear who is managing the CE, you or the provider - assuming, from your postings, the provider is managing the CE), but I believe it's possible they can run OSPF between CEs (i.e. across the MPLS cloud), for example, if they create tunnels between the CEs.  (I.e. OSPF would not be running between CE and PE, or PE and P, or P and P [in an address space shared with the customer].)  What MPLS-VPN providers are willing to do varies much between providers.  I'm also assuming we're talking about a L3 MPLS-VPN, but MPLS can also provide L2 between your sites too.  Then something like OSPF across the "cloud" wouldn't be unusual.

Regarding whether all 50 sites might be tied together with an OSPF area zero, they might, but there's always the question how many routers can be run within any OSPF area, and also whether you need other OSPF areas at all.

(NB: BTW, if you want to run a multicast domain across the MPLS cloud, again whether it's possible, and how it's done, varies between MPLS providers.)

If you're running BGP between CE and PE, routes can be shared (redistributed) between CE and interior LAN router(s), or you might use iBGP behind (on the interior) and with the CE.  The CE might also do something just as simple as advertising a default to the IGP.

Let's say I want to run iBGP on the LAN side; then I have to create 50 AS for 50 sites, or at least 25, and the rest will be catered for by static routes.

Do you have any design idea to run iBGP on internal network ?

Posting

Remember iBGP is rather awkward, if you intend to use it as your only interior routing protocol.  So, my first design suggestion would be to carefully reflect on your need to run iBGP, especially if it's your only interior routing protocol.

Yes, one approach would be each site would have its own AS (often/generally private AS numbering is used).  However, I believe it's possible to use just one AS for all your branches too.

Just to add to other comments.

Running one area for OSPF (even if the provider allowed it) is a bad idea because within an area every router needs an identical LSDB, which means a link going down in any site would have to be propagated across the WAN to every other site.

You would want different sites in different areas.

The above only applies if you are actually exchanging OSPF routes across the MPLS cloud. If you run OSPF internally but use BGP to peer with the PE device then each site is in its own OSPF area anyway and would simply see all other sites' routes as OSPF externals, so it wouldn't matter what area you used in each site.

BGP is the standard way to connect CE to PE and you can then either do -

1) mutual redistribution on your CE device ie. your IGP into BGP and BGP into your IGP, assuming you are running an IGP

2) use network statements under BGP to advertise the LAN networks to the PE and then redistribute BGP into your IGP on the CE.

I have used the second one and if you have any sites with multiple connections to the MPLS cloud then it means you don't have to worry about route tagging etc. to make sure routes received from the MPLS cloud are not then advertised back to the MPLS cloud.

If all clients have their default gateways as the MPLS router you don't need to worry about any of the above but I was assuming you had other devices eg. L3 switches in each site doing the routing for vlans.

Jon
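
The two CE options described in the reply above, sketched as Cisco IOS configuration. This is an added example and not part of any poster's reply; the AS numbers, addresses, OSPF process ID, route-map names and tag value are all constructed for illustration, and the two options are alternatives, not one combined config.

```cisco
! Constructed values: site AS 65010, provider AS 64500, PE 192.0.2.1,
! LAN prefixes 10.10.0.0/24 and 10.10.1.0/24, OSPF process 1, tag 65010.
!
! ---- Option 1: mutual redistribution on the CE ----
! Routes learned from the MPLS cloud are tagged on their way into OSPF,
! and anything carrying that tag is refused on the way back into BGP.
! This matters at sites with more than one CE, where a second CE would
! otherwise learn the cloud's routes via OSPF and re-advertise them.
route-map BGP-TO-OSPF permit 10
 set tag 65010
!
route-map OSPF-TO-BGP deny 10
 match tag 65010
route-map OSPF-TO-BGP permit 20
!
router ospf 1
 redistribute bgp 65010 subnets route-map BGP-TO-OSPF
!
router bgp 65010
 neighbor 192.0.2.1 remote-as 64500
 ! OSPF externals are included here, which is why the tag filter is needed
 redistribute ospf 1 match internal external 1 external 2 route-map OSPF-TO-BGP
!
! ---- Option 2: network statements out, one-way redistribution in ----
! Only the prefixes named explicitly are advertised to the PE, so routes
! received from the cloud cannot leak back and no tagging is required.
router ospf 1
 redistribute bgp 65010 subnets
!
router bgp 65010
 neighbor 192.0.2.1 remote-as 64500
 network 10.10.0.0 mask 255.255.255.0
 network 10.10.1.0 mask 255.255.255.0
```

With option 2, each `network` statement only takes effect if a matching route with that exact mask is already in the CE's routing table.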

Thanks Jon. I am using first one. Second one looks good as we have to do only one way re-distributio

Posting

I would quibble a bit with "bad idea" about using a single OSPF area, although I agree with Jon's concern 100%.

"Right sizing" the number of routers, or which routers, to place into an OSPF area is a black art.  It's impacted by many variables, and there's much to be said for trying to avoid an OSPF meltdown.  I.e. better safe than sorry.

Jon is, of course, 100% correct that all links within the same area are maintained in every one of the same area's LSDB (well when converged). But, unless we also start to manage route distribution between OSPF areas, every external area route is maintained in every other external OSPF area router too.

There's much that can be leveraged from OSPF areas, but they have their own quirks too.  BTW, I don't mean to imply in any way that multiple OSPF areas are a "bad idea", but I believe using them well does require a more advanced understanding of OSPF.

Later IOS OSPF implementations support an incremental SPF feature, which sometimes can mitigate the need to split larger OSPF areas.  (It's easy enough to implement and I'm unaware of any downside to its activation.)

There are other options mitigating possible issues with running larger OSPF areas, two that come to mind are dampening and timers, but such would also fall under a more advanced understanding of OSPF, and I think Jon's recommendation (a basic multiple OSPF area design) would be a better approach.

Again, where I differ with Jon, he appears to believe, from what you describe, using a single OSPF area would be a "bad idea", but, for me, I don't think there's enough information to say.  However, I don't see using multiple OSPF areas as bad either.

Joe

"But, unless we also start to manage route distribution between OSPF areas, every external area route is maintained in every other external OSPF area router too."

True and I should have pointed that out.

That to me is the biggest advantage of areas ie. you can summarise and for me summarisation is always one of the most important design issues in a LAN/WAN environment.

But of course, as you say, there probably isn't enough information to say that would be an issue eg. each site may only be one IP subnet at the moment so perhaps "bad idea" was overstating it.

I would still probably use areas though :-)

Jon
