MPLS VPN Design and BGP SoO

From: Keller Giacomarro <keller.g_at_gmail.com>
Date: Sun, 7 Oct 2012 23:18:45 -0500

I am having issues understanding when to use SoO where. These are the
scenarios I can think of where we'd be using BGP as the IGP and would
consider the use of some of these more advanced BGP multi-homing features...

Two sites, different ASNs, no backdoor link
- no special config needed

Two sites, same ASN, no backdoor link
- use either allowas-in or as-override to allow the sites to accept routes
from each other
- if any of the site are multi-homed, use SoO to keep the routes from
circling back into the same site via the other PE

Two sites, different ASNs, with backdoor (backup-only) link
- peer the backdoor CE routers via eBGP and prepend to prefer the MPLS link

Two sites, same ASN, with backdoor (backup-only) link
- ???

One site, one ASN, multiple MPLS exit points, with intra-site active
(non-backup) links
- no special config needed, but MPLS cannot be used if the internal site
becomes segmented (due to AS_PATH loop prevention)

First, are the above designs correct?

And second, what is the proper way to setup "Two sites, same ASN, with
backdoor (backup-only) link"? I put it into GNS3, and I can't get the
traffic to prefer the MPLS backbone instead of the backup (iBGP) link. The
PE routers both prefer the eBGP link towards the internal network, and
neither will accept the (preferred) iBGP ad from their peer PE router. It
works fine going the reverse -- backup link works great, and if the backup
link goes down the MPLS core is used.

The only way I can figure to get the desired "MPLS primary, backdoor link
is backup" behavior is to do some kludge between the CE routers so that
they only advertise the routes to each other if the MPLS network is down.

Is the only time you want to use BGP SoO when all your sites are on the
same AS (forcing allowas-in or as-override), and some are multihomed?
 Otherwise, won't BGP AS_PATH loop prevention prevent the looping?

Very confused, appreciate your input!

Keller Giacomarro
keller.g_at_gmail.com

Blogs and organic groups at http://www.ccie.net
Received on Sun Oct 07 2012 - 23:18:45 ART

This archive was generated by hypermail 2.2.0 : Thu Nov 01 2012 - 10:53:33 ART