The MPLS WG Archive

Cell Relay Retreat>MPLS WG Archive>month:2001-Oct> msg00014



[Date Prev][Date Next][Thread Prev][Thread Next]  
  [Date Index][Thread Index][Author Index][Subject Index]

RT Import/Export in BGP/MPLS based VPN

  • From: Ajay Simha <asimha@cisco.com>
  • Date: Mon, 1 Oct 2001 17:11:56 -0400 (Eastern Daylight Time)
  • cc: Gürkan_Gülcan_ <GurkanG@koc.net>, <erosen@cisco.com>, <mpls@UU.NET>
  • X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by cell.onecall.net id QAA05111
  • X-X-Sender: asimha@uzura.cisco.com

On Mon, 1 Oct 2001, Sam Ford wrote:

> Hello,
>
> Maybe, I'm getting into too much detail but I would
> like to understand the limitation in RT
> usage/assignment.
>
> For the Q1, if I specify Export 10:1 and 10:2
> in PE-3, all the routes coming from CE-3 will be
> tagged with route targets, both 10:1 & 10:2, and
> hence PE-1 will be able to import those routes
> since those routes from PE-3 carries 10:1 in addition
> to 10:2.
>
> Or, maybe I'm missing something. Does RT need to
> be the same as RD for a given VRF? I didn't see
> any such a restriction.

RT does not have to be the same as RD conceptually.

-ajay
>
> Regards,
> -SF
>
> --- Gürkan_Gülcan_(Koç.Net) <GurkanG@koc.net> wrote:
> > hi,
> > Q1
> > if you don't import 10:3 in 10:1 on PE and 10:2 on
> > PE2, you couldn't reach
> > from 10:3 to 10:1 or 10:2 with to-way communication.
> > and you must just
> > import 10:1, 10:2 and 10:3 to 10:3, not export 10:1
> > and 10:2 from the 10:3.
> >
> > Q2
> > you can write route-map to change route-target. like
> > this
> >
> > access-list 1 permit 10.0.0.0 0.0.0.255
> > route-map routemap1 permit 10
> > match ip address 1
> > set extcommunity rt 10:2 10:3
> >
> > ip vrf temp
> > export map routemap1
> >
> >
> > best regards
> >
> > Gurkan Gulcan
> >
> > -----Original Message-----
> > From: Sam Ford [mailto:samskford@yahoo.com]
> > Sent: Saturday, September 29, 2001 11:11 PM
> > To: erosen@cisco.com
> > Cc: mpls@UU.NET
> > Subject: RT Import/Export in BGP/MPLS based VPN
> >
> >
> > Hello,
> >
> > I have a doubt on the assignment of RT in BGP/MPLS
> > VPN,
> > a little bit off topic from the threat.
> >
> > I was confused about the assignment of RT when going
> > through examples in various materials.
> >
> > Let's say, there are 2 VPNs, in ASN 10.
> >
> > VPN-1: CE-1 - PE-1, and other sites in full mesh
> > VPN-2: CE-2 - PE-2, and other sites in full mesh
> >
> > And one server: CE-3 - PE-3
> >
> > I want to conntect only CE-1 & CE-2 sites with CE-3
> > in Central Services VPN topology. (CE-3 does not act
> > as
> > transit between CE-1 & CE-2, CE-1 & CE-2 cannot
> > communicate). So, I assigned RTs as follows:
> >
> > In PE-1:
> >   RD: 10:1
> >   Export/Import: 10:1
> >
> > In PE-2:
> >   RD: 10:2
> >   Export/Import: 10:2
> >
> > In PE-3:
> >   RD: 10:3
> >   Export/Import: 10:1
> >   Export/Import: 10:2
> >
> > Assuming there's no IP address overlap among those
> > sites.
> >
> > Q1, wouldn't this RT assignment work?
> >
> > In the examples I've seen, RTs are assinged as
> > follows:
> >
> > In PE-1:
> >   RD: 10:1
> >   Export/Import: 10:1
> >   Import: 10:3
> >   Export: 10:4
> >
> > In PE-2:
> >   RD: 10:2
> >   Export/Import: 10:2
> >   Import: 10:3
> >   Export: 10:4
> >
> > In PE-3:
> >   RD: 10:3
> >   Export: 10:3
> >   Import: 10:4
> >
> > Q2, Is there any reason to do this way?
> >
> > Q3, Above, am I creating a new VPN (3) by connecting
> > CE-3
> >   to CE-1 & CE-2? Or am I making CE-3 to belong to
> >   both the existing VPNs (VPN-1 & VPN-2)?
> >
> > I would appreciate any clarification,
> > -SF
> >
> > -----Original Message-----
> > From:	Eric Rosen [SMTP:erosen@cisco.com]
> > Sent:	Friday, September 28, 2001 12:39 PM
> > To:	Eric Gray
> > Cc:	Ajay Simha; Jay Karthik; MPLS mailing list
> > Subject:	Re: LDP usage in MPLS based VPNs
> >
> >
> > In  the  "hub  and spoke"  case  that  Ajay
> > mentioned,  the intent  is  the
> > following.
> >
> > Let H be the  hub, S1 and S2 the spokes.  Let A be
> > the address prefix for a
> > subnet that attaches to S2.  What we want is:
> >
> > - S1 thinks the route to A is via H.
> >
> > - H thinks the route to A is via S2.
> >
> > Thus traffic from S1 to A goes via H and then on to
> > S2.
> >
> > To make this work, S2 must distribute a route RD1:A,
> > and H must distribute a
> > route RD2:A.   Both these  routes have to  be able
> > to
> > pass through  a route
> > reflector, since  RD1:A must make  it to  H, and
> > RD2:A
> >  must make it  to S1.
> > This  implies that  RD1  must be  different  than
> > RD2;
> >  otherwise the  route
> > reflector could not pass on both routes.
> >
> > Given that S1,  S2, and H are in the  same VPN, this
> > is a  case in which you
> > couldn't just replace the RD with a VPN-id.  There
> > might also be other cases
> > in which  you want to pass around  two different
> > routes to  the same address
> > prefix, using  policy to decide which  to install
> > where  (presumably in some
> > manner that ensures loop-freedom).
> >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Listen to your Yahoo! Mail messages from any phone.
> > http://phone.yahoo.com
>
>
> __________________________________________________
> Do You Yahoo!?
> Listen to your Yahoo! Mail messages from any phone.
> http://phone.yahoo.com
>

-- 
Ajay Simha
MPLS Deployment Engineer
IOS Technology Division
(919) 392-3141

"Study as if you were to live forever
 Live as if you were to die tomorrow"

 - Mahatma Gandhi