Posts from ‘VPN’
Probably one of the most confusing topics for people studying BGP/MPLS VPNs are EIGRP SoO and Cost communities. Not the concepts themselves, but rather their purpose. Lack of clear documentation makes it hard to understand why and how the specific features are implemented. In this blog post we discuss the BGP Cost community and EIGRP SoO attribute. First, a brief overview of MP-BGP is given along with general concepts of route redistribution in MPLS/BGP VPNs. Next, the problems that arise when using EIGRP in multihomed VPN environment are demonstrated. Lastly, the two specific EIGRP features are described and their use demonstrated. As usual, a reader is assumed to have basic understanding of fundamental L3 VPNs and PE-CE routing concepts. You may download the post in PDF format at the following link: Understanding EIGRP SoO and BGP Cost Community
Let’s say you get a bunch of inexpensive (but a bit outdated) routers (36XX or 72Xx) and some really nice (maybe not so cheap) Cisco switches (e.g. 3550/3560) and you would like to provide a VPLS-like service to your customers. Since VPLS is a service available only on more powerful Cisco platforms, we have to figure a way to simulate Multipoint Ethernet L2 VPN over a packet switching network (PSN) using only “convenient” point-to-point L2 VPN services.
Let model a situation where we have a number of routers connected over (PSN), with an ethernet switch connected to router at every location:
What we can do, is connect ethernet ports using pseudowires to form a virtual ring topology over PSN. That is, refeferring to our picture, xconnect routers’ ethernet ports counter-clockwise, say xconnect E0/0 of R3 with E0/1 of R4, then E0/0 of R4 with E0/1 of R5 and finally E0/0 of R5 with E0/1 of R3. Effectively, we will form an ethernet ring, partially connected over convenient switches, and partially using L2VPN pseudowires. Router configurations look pretty much similar, for example at R3 we would have something like this
R3: pseudowire-class PW_CLASS encapsulation l2tpv3 ip local interface Loopback0 ! interface Loopback0 ip address 188.8.131.52 255.255.255.255 ! ! Xconnecting E0/0 of R3 with E0/1 of R4 ! interface Ethernet0/0 no ip address xconnect 184.108.40.206 34 encapsulation l2tpv3 pw-class PW_CLASS ! ! Xconnecting E0/1 of R3 with E0/0 of R5 ! interface Ethernet0/1 no ip address xconnect 220.127.116.11 35 pw-class PW_CLASS ! ! Frame-Relay is used to connect to other routers (PSN network) ! interface Serial1/0 no ip address encapsulation frame-relay ! interface Serial1/0.34 point-to-point ip address 18.104.22.168 255.255.255.0 frame-relay interface-dlci 304 ! interface Serial1/0.35 point-to-point ip address 22.214.171.124 255.255.255.0 frame-relay interface-dlci 305 ! ! OSPF is used as a sample IGP ! router ospf 1 router-id 126.96.36.199 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0
Speaking honestly, it’s not “classic” VPLS in true sense:
Firstly, STP should be running over ring topology, in order to block redundant ports. One can use star topology and disable STP, but this will introduce a single point of failure into the network. Classic VPLS does not run STP over packet core, only a full-mesh of pseudowires.
Secondly, there is no MAC-address learning for pseudowires, since they are point-to-point in essense. MAC addresses are learned by switches, and this impose a usual scalability restriction (though cisco switches may allow you to scale to a few thousands of MAC addresses in their tables).
However, this is funny and simple example of how you can use a simple concept to come up with a more complicated solution.