Phone network MPLS Design

Q 264. A Tier 3 ISP is growing to become a Tier 2 ISP. To migrate existing Layer 3 customers that route packets to the core to MPLS VPN:

a) Assign unique Route Distinguishers

b) Assign unique Route Targets

Answers:

BGP tables

| Carrier Customer | PE2 | PE3 | Carrier Customer |
|---|---|---|---|
| A 2: To 166.23.2.0/24 for/is redistribute; To 166.23.1.0/24 via 150.1.11.5 | VRF A: To 166.23.2.0/24 via 150.1.11.6; To 166.23.1.0/24 via 10.168.1.13 | VRF A: To 166.23.2.0/24 via 10.168.1.18; To 166.23.1.0/24 via 150.1.11.2 | A 1: To 166.23.2.0/24 via 150.1.11.1; To 166.23.1.0/24 for/is redistribute |
| B 1: To 166.23.1.0/24 for/is redistribute; To 166.23.2.0/24 via 150.1.12.1 | VRF B: To 166.23.1.0/24 via 150.1.12.2; To 166.23.2.0/24 via 10.168.1.13 | VRF B: To 166.23.1.0/24 via 10.168.1.18; To 166.23.2.0/24 via 150.1.12.6 | B 2: To 166.23.1.0/24 via 150.1.11.1; To 166.23.2.0/24 for/is redistribute |

The for/is designation maps to IGP/eBGP respectively. With IGP between CE-PE, the PE router learns the route and then redistributes it into iBGP; with eBGP between CE-PE, the route is redistributed on the CE router into the eBGP process, and the PE router then picks it up in the VRF routing table.
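Both customers in the BGP tables above use 166.23.1.0/24 and 166.23.2.0/24, so the PEs can only keep their routes apart if each VRF prepends a different route distinguisher. The sketch below is an added example, not part of the original notes: the RD values 65000:1 and 65000:2, the function names and the "first advertisement wins" table are assumptions standing in for real MP-BGP best-path selection.

```python
import ipaddress
import struct

def encode_rd(asn, assigned):
    """Type 0 route distinguisher (RFC 4364): 2-byte type, 2-byte ASN, 4-byte number."""
    return struct.pack("!HHI", 0, asn, assigned)

def vpnv4_key(rd, prefix):
    """Key a PE compares VPN-IPv4 routes on: 8-byte RD + IPv4 prefix + prefix length."""
    net = ipaddress.ip_network(prefix)
    return rd + net.network_address.packed + bytes([net.prefixlen])

# Taken from the page's first BGP table: (customer, prefix, CE next hop, advertising PE)
ROUTES = [
    ("A", "166.23.2.0/24", "150.1.11.6", "PE2"),
    ("B", "166.23.1.0/24", "150.1.12.2", "PE2"),
    ("A", "166.23.1.0/24", "150.1.11.2", "PE3"),
    ("B", "166.23.2.0/24", "150.1.12.6", "PE3"),
]

def build_vpnv4_table(rd_by_customer):
    """Return (table, collisions). One path is kept per VPNv4 key; a route from a
    different customer that maps to an existing key is recorded as a collision."""
    table, collisions = {}, []
    for customer, prefix, ce_next_hop, pe in ROUTES:
        key = vpnv4_key(rd_by_customer[customer], prefix)
        if key in table and table[key]["customer"] != customer:
            collisions.append((prefix, table[key]["customer"], customer))
            continue
        table[key] = {"customer": customer, "prefix": prefix,
                      "pe": pe, "ce": ce_next_hop}
    return table, collisions

# Assumed RD plans (constructed values, private ASN 65000)
SHARED = {"A": encode_rd(65000, 1), "B": encode_rd(65000, 1)}
UNIQUE = {"A": encode_rd(65000, 1), "B": encode_rd(65000, 2)}

if __name__ == "__main__":
    for name, plan in (("shared RD", SHARED), ("unique RDs", UNIQUE)):
        table, collisions = build_vpnv4_table(plan)
        print(f"{name}: {len(table)} VPNv4 entries, {len(collisions)} collisions")
        for prefix, kept, hidden in collisions:
            print(f"  {prefix}: customer {hidden}'s route hidden by customer {kept}'s")
```

With a shared RD the four customer routes collapse into two VPNv4 entries, which is the cross-customer mix-up that unique RDs prevent.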

Pick 1. Answer is a) unique RDs.

Questions derived from this table. Discussion thought questions:

  1. When a route is learned from eBGP and announced to iBGP, the via field is changed to the announcing router’s IP address. Does this occur by default or by configuration?
  2. Does the exchange of VPN labels occur in LDP or in BGP, or is there no such exchange of VPN labels? If VPN labels are not exchanged, does MPLS packet processing insert VPN labels encoding the whole RD configuration integer, or a part of it?
  3. By only looking at the BGP tables, you can’t distinguish an MPLS network from a VRF-Lite network, or can you? If not, is it true that MPLS can be disabled in this network and all provider routers run with iBGP, with 2 additional vrf subinterfaces for each link between all iBGP routers?
  4. What is the term for the BGP table entry redistributed from IGP? Incomplete or IGP or ‘?’ ?
  5. Functionally speaking, the redistribute can be replaced with BGP network command. But will it make any difference in the BGP table of the last router that received the route announcement?
  6. At the PE routers, the vrf routing tables have “via 10.168.x.y” routes. How does recursive resolution find the outgoing interface within the vrf routing table? By having infrastructure OSPF interface in the VRF routing table? Or by resolving the next hop in the general routing table outside VRF?

Discussion thought (not actual exam) answer:

  1.  
  2.  
  3. At first glance, you can see that 10.10.11.101 is used by both VPNs in the same provider network, so it seems to be a conflict point for VRF-Lite to deliver 2 VPNs’ packets to the same router interface. But, remember, we get to create additional vrf subinterfaces, and the same 10.10.11.101 IP address will be on the different subinterfaces of different VRFs.
  4. .
  5. .
  6. VRF routing code is an accomplice of the MPLS forwarding code, just as browsers are accomplices of a SOCKS ssh proxy, where someone from an ssh programming job went to a browser corporation and changed all outgoing IP packets to be destined to the same sshd IP address and embedded the real target IP address in the outgoing packet payload. The VRF code programmer was coerced to send packets to the MPLS forwarding service because his/her boss told him/her that the MPLS-configured interfaces are not IP interfaces but rather switching ports, not pristine interfaces for VPN. In one sentence, the jailbreak is an insider job. 20150718: after studying route leaking for Internet access, the jailbreak appears to be the key to allowing access to the non-VRF Internet.

Multicast. We want to have packets duplicated in P routers, not PE routers.

20160607: the final answer has 2 versions. Neither version exchanges customer routes or VPNv4 routes between PE and ASBR. This is because the whole point of option C’s route-reflector is for ASBRs to stay away from the customer routes and stay away from VPNv4.

So, in either version, the ASBR and PE exchange global infrastructure routes and LDP labels!! Yeah! Case closed.

20160609: the reason bgp “send-label” is needed is that LDP alone is usually not sufficient in the first place. LDP needs to work with IGP. MPLS-TE autoroute also needs to work with IGP to replace a /32 route with the TE tunnel circuit; otherwise the /32 route is just a regular /32 route that does not go through the tunnel.

Historical thought development:

BGP tables

| Carrier Customer | PE1 | PE2 | Carrier Customer |
|---|---|---|---|
| A R 1: To 166.23.1.0/24 via redistribute; To 166.23.2.0/24 via 192.168.11.101 | VRF A: To 166.23.1.0/24 via 192.168.11.1; To 166.23.2.0/24 via 10.10.22.202 | VRF A: To 166.23.1.0/24 via 10.10.11.101; To 166.23.2.0/24 via 192.168.22.2 | A R 2: To 166.23.1.0/24 via 192.168.22.202; To 166.23.2.0/24 via redistribute |
| B R 2: To 166.23.2.0/24 via redistribute; To 166.23.1.0/24 via 192.168.12.101 | VRF B: To 166.23.2.0/24 via 192.168.12.2; To 166.23.1.0/24 via 10.10.22.202 | VRF B: To 166.23.2.0/24 via 10.10.11.101; To 166.23.1.0/24 via 192.168.21.1 | B R 1: To 166.23.2.0/24 via 192.168.21.202; To 166.23.1.0/24 via redistribute |