Hi,
Due to an implementation of a L2 VPN (EoMPLS) I am having to extend the
boundary of my MAN running MPLS a step further towards the datacentre.
The MAN has several sites all in a simple L3 vpn.
There is redistribution between the rest of the corporate network (eigrp) and
the MAN vrf en vice versa on the core MAN switches.
This is the relevant config:
ip vrf MAN
rd 65041:100
route-target export 65040:100
route-target import 65040:100
mdt default 239.18.250.1
mdt data 239.18.251.0 0.0.0.255 threshold 500
interface GigabitEthernet3/1
description ** 1G LAN **
ip vrf forwarding MAN
ip address 10.10.22.1 255.255.255.240
ip access-group level0_g3/1 in
ip verify unicast source reachable-via rx
logging event link-status
<omitted>
interface TenGigabitEthernet7/4
description ** 10G to 6509_E int TenG1/1 **
no ip address
logging event link-status
!
interface TenGigabitEthernet7/4.100
description *** connection to the rest of the corporate network ***
encapsulation dot1Q 100
ip vrf forwarding MAN
ip address 172.18.250.130 255.255.255.252
!
<omitted>
!
router eigrp 1
no auto-summary
!
address-family ipv4 vrf MAN
redistribute connected
redistribute static
redistribute bgp 65040 route-map bgp-to-eigrp
network 172.18.250.128 0.0.0.3
default-metric 1000000 1 255 1 1500
no auto-summary
autonomous-system 1
exit-address-family
nsf
!
router isis
<omitted>
bfd all-interfaces
!
router bgp 65040
bgp router-id xxxxxx
<omitted>
!
neighbor 10.20.30.12 peer-group MAN_internal
!
address-family vpnv4
<omitted>
exit-address-family
!
address-family ipv4 vrf MAN
redistribute connected
redistribute static
redistribute eigrp 1 route-map eigrp-to-bgp
default-information originate
no auto-summary
no synchronization
exit-address-family
!
As you can see the interfaces of the MAN sites and the interface towards the
global network are in the same vrf & redist is done under address-families
(eigrp and BGP)
Now due to extending the MPLS boundary (or the MAN boundary) to a device which
is a part of the corporate network, I have to move the redistribution also on
this device. (6509-E sup 720-3b) .
The MAN and the rest of the corporate network can be seen as one entity but
redist is required because of the MPLS platform on the MAN and normal EIGRP on
the rest of the network. On this 6509 (122-18.SXF7) I should have a similar
redistribution as shown above but except for the interface towards the MAN
there are no vrfs configured. So what are my options?
1. configure a corporate vrf and im-export the route-targets mutually between
the MAN vrf
2. Use fancy PBR/VRF stuff which requires SFI
3. Do not change MPLS boundary, terminate EoMPLS on the PE, transport (trunk)
all remote vlans over the corporate device (the 6509) which makes the corporate
core switch part of the datacentre where the EoMPLS traffic is supposed to go.
Topology:
Remote MAN site switch =>PE--MPLS--PE=>corporate switch => datacentre switch
I am inclined towards option 1 and would like your opinions about this.
Design guidelines are:
Dynamic routing required
I can unicast more details if someone has the time and the inclination....
Sorry for the lengthy mail - trying to be as complete as possible
Nasir Shaikh
This email contains information from BT Nederland N.V., which may be privileged
or confidential.
It's meant only for the individual(s) or entity named above. If you are not the
intended recipient, note that disclosing, copying, distributing or using this
information is prohibited.
If you have received this email in error, please let me know immediately on the
email address above.
We monitor our systems, and may record your emails.
BT Nederland N.V.
Registered office: Offices Minerva and Mercurius, Herikerbergweg 2, 1101 CM
Amsterdam
Registered at the Amsterdam Chamber of Commerce no: 33296214
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
