nanog mailing list archives

Re: "Cisco MPLS-based VPNs" & BGP Stability

From: "Franklin Lian" <Franklin.Lian () globalone net>
Date: Wed, 18 Apr 2001 16:18:41 -0400


Hi, Robert

After dealing with MPLS-VPN for about two years I have something to
say about whether we should put IPv4 and VPNv4 on the same box.  Well
I will be more focus on the enterprise side instead of Internet side.

The characteristics of VPN are quite different from the Internet
customers, and I don't believe it is a good idea to use the same
hardware/software to address the requirements from two total 
different worlds.

Here are some differences:

Requirements            Internet                Enterprise
------------------------------------------------------------
Access Speed            High (DS3 and above)    Low (64K~DS3)
Routing table           Huge (100K and above)   Small (up to 10K)
Serurity                Some                    Critical
Convergence time        in term of min          in term of sec

Regarding routing process, I have less concern on the impact that
VPNv4 routes bring to IPv4, however, I have some concerns on the 
impact that the 100k IPv4 routes bring to the VPN world.

Cisco IOS gives me two BGP timers for tuning the convergence time of
BGP.  BGP has been proven to be scalable but not as fast as IGP such
as OSPF that is widely deployed in enterprise network.  With pure VPN
I can try to reduce the BGP timer for speeding the convergence up,
however, with full Internet routing table I would not do that.

I will say the scalability and fast speed convergence is a pair of
contradictions here.  Internet requires scalability much more, and
enterprise network requires faster convergence time on the hand.  So
I will not say it makes a lot of sense to bind them together.

Another issue is about maintenance and supporting.  Due to different
access speed requirements, and technologies used for the services,
the best IOS code for Internet service is not the code for the VPN
service.  At least YET.  I understand theoretically the code can be
converged into one, but I am talking about practical implementation.

Current thread:

"Cisco MPLS-based VPNs" & BGP Stability Danny McPherson (Apr 17)
- Re: "Cisco MPLS-based VPNs" & BGP Stability Robert Raszuk (Apr 17)
  - Message not available
    - Re: "Cisco MPLS-based VPNs" & BGP Stability Robert Raszuk (Apr 17)
- <Possible follow-ups>
- Re: "Cisco MPLS-based VPNs" & BGP Stability Danny McPherson (Apr 17)
  - RE: "Cisco MPLS-based VPNs" & BGP Stability Christian Kuhtz (Apr 17)
  - Re: "Cisco MPLS-based VPNs" & BGP Stability Robert Raszuk (Apr 18)
    - Re: "Cisco MPLS-based VPNs" & BGP Stability Franklin Lian (Apr 18)
    - Re: "Cisco MPLS-based VPNs" & BGP Stability Robert Raszuk (Apr 18)