Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
On Monday, February 18, 2013 10:19:17 PM Sigurbjörn Birkir Lárusson wrote: The implementation of draft-rosen on the 7600 is very quirky and it has been our experience that there are more bugs and problems with it than can reasonably be expected. In particular in regards to protected sources (particularly problems with duplicate streams) and punting of traffic to the IBC, neither of which are easy to troubleshoot and can cause mayhem. If you intend to do a new implementation on the 7600 at this point and have your mind set on using MVPN, I'd recommend going with MLDP When I ran an NG-MVPN network, we took advantage of the MPLS data plane and implemented FRR within the p2mp RSVP-TE tunnels. So failure within the core resulted in ultra-quick switchovers to the backup links. Most times, there was no visible effect on picture quality; sometimes, it was very minor pixelation which could have been mistaken for a cloud passing over a Ku-band dish :-). Things were a little more challenging between the Sender and Receiver PE routers, where we ran PIM. Those links fed into BGP (which signaled PIM in the core), so the network could easily converge to backup PE-CE links (we had three) using LOCAL_PREF. This took care of where PIM Joins were going to, and in effect, where downstream traffic was coming from. The slowest part of convergence was when the primary link returned, and BGP immediately re-installed the path toward that link (since it had the highest LOCAL_PREF), and it took as many as 30 seconds for video to resume across the new path. This was even after setting the BGP timers to their lowest (about 6.6 seconds in Junos). This also varied depending how the link was recovered, whether it was brought up with the no shutdown command or by plugging the fibre in, e.t.c. So 30 seconds was the worst average we concluded on, for simplicity. There was some work going on with draft-morin-l3vpn-mvpn- fast-failover-05, but I haven't followed progress or implementation of this since I stopped managing that network. Hopefull, I soon will with the new one :-). That said, I think this draft focused mostly on p2mp RSVP-TE, I'm not sure how applicable it could be to mLDP (and certainly wouldn't be to regular IP/GRE Multicast). Mark. signature.asc Description: This is a digitally signed message part. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
here we talk about converging the MDT S,G And this is something I'm not quite sure how it works during the failure. For afi mdt the advertise best-external should work but additional paths install is not an option. I tried to lab a primary-egress-PE-CE link failure in redundantly connected CE acting as RP and Source. And I was expecting the primary egress PE would perform sort of a local-repair and send triggered join towards the secondary PE resulting in Data-MDT between the PEs until BGP converges. That did not happen though and only after the ingress PE received withdraw about the source from the primary egress PE, the ingress PE sent the join towards the secondary egress PE. Right the iACLs would be the only choice for global routing table solution. adam -Original Message- From: Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com] Sent: Monday, February 18, 2013 5:58 PM To: Adam Vitkovsky; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT easier to reduce loss-of-connectivity after link/node failures using IGP Fast Convergence compared to BGP-based convergence. Yes the convergence time would be slower I suppose as a mere addition of another protocols to the picture. Though if you consider the whole LoC timeframe the IGP or BGP convergence is one of the smallest portions -compared to the PIM convergence time. well, that really depends on the failure and platform, but BGP control-plane convergence is generally a magnitude higher than PIM. So I would not discount this if you're after sub-second convergence. IOS-XR and halfway recent IOS /XE releases use an source-based, event-triggered RPF check and will be able to send out the required PIM Joins quite fast, so the time difference of BGP vs. IGP will make a difference.. Core link failures would still be handled quickly, here we talk about converging the MDT S,G.. Why do you consider putting it into a VRF? Well the main concern my boss has is the exposure of core/global routing table to set-top-boxes -as a potential attack vector Hmm, if the global routing is limited to the IP-TV Vlan, locking it down via generic ACLs is easy as the traffic sources and type will be very limited. oli -Original Message- From: Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com] Sent: Monday, February 18, 2013 4:25 PM To: Adam Vitkovsky; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table current implementation makes it generally easier to reduce loss-of-connectivity after link/node failures using IGP Fast Convergence compared to BGP-based convergence when the mcast sources/TV headends are visible in BGP. You can also use p2mp-TE-FRR when mcast is in the global routing table (not sure if things have changed there). MoFRR is also targeted for PIM deployments in the global table, and some live-live approaches might not work as well if the sources aren't visible from the core/P nodes. Why do you consider putting it into a VRF? I acknowledge that reasoning is highly dependent on specific network topology and requirements.. oli ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
Hi folks, Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table current implementation makes it generally easier to reduce loss-of-connectivity after link/node failures using IGP Fast Convergence compared to BGP-based convergence when the mcast sources/TV headends are visible in BGP. You can also use p2mp-TE-FRR when mcast is in the global routing table (not sure if things have changed there). MoFRR is also targeted for PIM deployments in the global table, and some live-live approaches might not work as well if the sources aren't visible from the core/P nodes. Why do you consider putting it into a VRF? I acknowledge that reasoning is highly dependent on specific network topology and requirements.. oli ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
A lot of complexity, protocol overhead, data mdt scalability, more state, more bugs, PIM pimping / RPF vector, more RPs in case of sparse-mode... If VPN is mandatory I would go MLDP if supported. -- Christian On 18.02.2013, at 16:09, Adam Vitkovsky adam.vitkov...@swan.sk wrote: Hi folks, Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
If you running on a 7600 I'd stay as far away from Draft-Rosen for this deployment model as possibleŠ Kind regards, Sibbi On 18.2.2013 16:05, Christian Meutes christ...@errxtx.net wrote: A lot of complexity, protocol overhead, data mdt scalability, more state, more bugs, PIM pimping / RPF vector, more RPs in case of sparse-mode... If VPN is mandatory I would go MLDP if supported. -- Christian On 18.02.2013, at 16:09, Adam Vitkovsky adam.vitkov...@swan.sk wrote: Hi folks, Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
easier to reduce loss-of-connectivity after link/node failures using IGP Fast Convergence compared to BGP-based convergence. Yes the convergence time would be slower I suppose as a mere addition of another protocols to the picture. Though if you consider the whole LoC timeframe the IGP or BGP convergence is one of the smallest portions -compared to the PIM convergence time. Why do you consider putting it into a VRF? Well the main concern my boss has is the exposure of core/global routing table to set-top-boxes -as a potential attack vector adam -Original Message- From: Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com] Sent: Monday, February 18, 2013 4:25 PM To: Adam Vitkovsky; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table current implementation makes it generally easier to reduce loss-of-connectivity after link/node failures using IGP Fast Convergence compared to BGP-based convergence when the mcast sources/TV headends are visible in BGP. You can also use p2mp-TE-FRR when mcast is in the global routing table (not sure if things have changed there). MoFRR is also targeted for PIM deployments in the global table, and some live-live approaches might not work as well if the sources aren't visible from the core/P nodes. Why do you consider putting it into a VRF? I acknowledge that reasoning is highly dependent on specific network topology and requirements.. oli ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
Yes it's additional complexity indeed, though we would use SSM so no RPs in the core and no inter-as mvpns(so far :) ) so need for RPF proxy-vectors Yes I'd love to go with MLDP though unfortunately it's not supported on me3600's adam -Original Message- From: Christian Meutes [mailto:christ...@errxtx.net] Sent: Monday, February 18, 2013 5:05 PM To: Adam Vitkovsky Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT A lot of complexity, protocol overhead, data mdt scalability, more state, more bugs, PIM pimping / RPF vector, more RPs in case of sparse-mode... If VPN is mandatory I would go MLDP if supported. -- Christian On 18.02.2013, at 16:09, Adam Vitkovsky adam.vitkov...@swan.sk wrote: Hi folks, Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
I hear you :) adam -Original Message- From: Sigurbjörn Birkir Lárusson [mailto:sigurbjo...@vodafone.is] Sent: Monday, February 18, 2013 5:25 PM To: Christian Meutes; Adam Vitkovsky Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT If you running on a 7600 I'd stay as far away from Draft-Rosen for this deployment model as possibleŠ Kind regards, Sibbi On 18.2.2013 16:05, Christian Meutes christ...@errxtx.net wrote: A lot of complexity, protocol overhead, data mdt scalability, more state, more bugs, PIM pimping / RPF vector, more RPs in case of sparse-mode... If VPN is mandatory I would go MLDP if supported. -- Christian On 18.02.2013, at 16:09, Adam Vitkovsky adam.vitkov...@swan.sk wrote: Hi folks, Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
If you running on a 7600 I'd stay as far away from Draft-Rosen for this deployment model as possible Could you say anything about why? Steinar Haug, Nethelp consulting, sth...@nethelp.no ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
easier to reduce loss-of-connectivity after link/node failures using IGP Fast Convergence compared to BGP-based convergence. Yes the convergence time would be slower I suppose as a mere addition of another protocols to the picture. Though if you consider the whole LoC timeframe the IGP or BGP convergence is one of the smallest portions -compared to the PIM convergence time. well, that really depends on the failure and platform, but BGP control-plane convergence is generally a magnitude higher than PIM. So I would not discount this if you're after sub-second convergence. IOS-XR and halfway recent IOS /XE releases use an source-based, event-triggered RPF check and will be able to send out the required PIM Joins quite fast, so the time difference of BGP vs. IGP will make a difference.. Core link failures would still be handled quickly, here we talk about converging the MDT S,G.. Why do you consider putting it into a VRF? Well the main concern my boss has is the exposure of core/global routing table to set-top-boxes -as a potential attack vector Hmm, if the global routing is limited to the IP-TV Vlan, locking it down via generic ACLs is easy as the traffic sources and type will be very limited. oli -Original Message- From: Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com] Sent: Monday, February 18, 2013 4:25 PM To: Adam Vitkovsky; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT Are there any cons for running IPTV in draft-rosen-mvpn as opposed to global routing table current implementation makes it generally easier to reduce loss-of-connectivity after link/node failures using IGP Fast Convergence compared to BGP-based convergence when the mcast sources/TV headends are visible in BGP. You can also use p2mp-TE-FRR when mcast is in the global routing table (not sure if things have changed there). MoFRR is also targeted for PIM deployments in the global table, and some live-live approaches might not work as well if the sources aren't visible from the core/P nodes. Why do you consider putting it into a VRF? I acknowledge that reasoning is highly dependent on specific network topology and requirements.. oli ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] pros and cons for IPTV multicast in rosen-mvpn vs GRT
The implementation of draft-rosen on the 7600 is very quirky and it has been our experience that there are more bugs and problems with it than can reasonably be expected. In particular in regards to protected sources (particularly problems with duplicate streams) and punting of traffic to the IBC, neither of which are easy to troubleshoot and can cause mayhem. If you intend to do a new implementation on the 7600 at this point and have your mind set on using MVPN, I'd recommend going with MLDP Kind regards, Sibbi On 18.2.2013 16:47, sth...@nethelp.no sth...@nethelp.no wrote: If you running on a 7600 I'd stay as far away from Draft-Rosen for this deployment model as possible Could you say anything about why? Steinar Haug, Nethelp consulting, sth...@nethelp.no ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/