[175153] in North American Network Operators' Group
Strategies for migrating lots of customers into L3VPN / route-leaking
daemon@ATHENA.MIT.EDU (Daniel Rohan)
Thu Oct 9 16:58:14 2014
From: Daniel Rohan <drohan@gmail.com>
Date: Thu, 9 Oct 2014 13:57:45 -0700
To: NANOG <nanog@nanog.org>
[apologies for the x-post-- I didn't get any responses from the j-nsp list,
so I thought I'd try a larger audience- edited to remove some juniper
jargon]
Hi all,
I'm working on virtualizing a regional network with about 500 customer
sites into an L3VPN. All of my customer routes (plus our internet routes)
currently exist in the global table on our routers. The end-state I’d like
to achieve is to have our provider's Internet routes isolated into a VRF
and our customers isolated into their own VRF with vrf-import policies
leaking the routes between the two.
Before someone asks “why?” I’ll just stop that and say that it’s likely
that in the near future I’ll have different customer classes demanding
different upstream providers on the same physical gear but still wanting
the same path/latency to the other customer classes we provide today.
So- I’d like to move our customer routes piecemeal into a VRF in as
controlled a way as possible without causing network segmentation or having
to constrain traffic through specific paths. That way we could move
reasonable sections of the network into the L3VPN over a period of a few
weeks. My first thought was to set up route leaking between the VRFs and
the global table, but looking back at listserv threads as well as Juniper
docs, I realize it's not possible to export MP-BGP learned routes into the
global table using Juniper rib groups.
I'm currently looking into using BGP between logical tunnel interfaces
on the global table and a vrf to accomplish the route sharing, and that
seems like a good possibility, but I’m curious about a few things:
1) Does anyone run production traffic through logical tunnel interfaces
between the global table and routing instances? (we’re using fairly
lightly-loaded MX480s)
2) Does anyone have a smarter strategy that I could borrow to accomplish
this transition? It all feels so kludge-y and brittle.
-Dan