[40336] in North American Network Operators' Group
Re: MPLS VPNs or not?
daemon@ATHENA.MIT.EDU (Robert Raszuk)
Tue Aug 7 12:00:41 2001
Message-ID: <3B700FD6.B07D9DA9@cisco.com>
Date: Tue, 07 Aug 2001 08:57:10 -0700
From: Robert Raszuk <raszuk@cisco.com>
Reply-To: raszuk@cisco.com
MIME-Version: 1.0
To: Vijay Gill <vijay@umbc.edu>
Cc: nanog@merit.edu, wrath@cs.umbc.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Vijay,
Ok so you say that increasing the number of features in any
implementation can cause critical bugs - hey I agree 100%.
But what is the solution - do the freez in code and do not implement any
new features and enhancements ? All vendors (at least those significant
:) get a lot of new feature requests some of them touching much much
deeper then the mpls-vpn implementation into the elements of bgp, ospf,
isis etc .... Should all vendors just say - forget it we are not doing
it as it can introduce bugs ???
If not why you are particluary so flaming mpls-vpns and not other
features requested which when done wrong can cause hell lot of more
issues into the networks ?
R.
> Vijay Gill wrote:
>
> --On Tuesday, August 07, 2001 08:29 -0700 Robert Raszuk <raszuk@cisco.com>
> wrote:
>
> > Vijay,
> >
> > I am not defending IOS bugs or any particular implementation - I am
> > defending the architecture.
> >
> > R.
>
> Robert,
>
> the point here being that software is a complex beast that is fairly hard
> to get right and often has very subtle failure modes. The interactions
> between various small bugs in subsystems often result in catastrophic
> failures when they interact as a part of a much larger whole. The
> architecture is fine, and in fact like all Powered By PowerPoint (tm)
> architectures, looks good in labs and papers, runs extremely well on slide
> projectors and will probably run fine in the real world for a while too.
>
> However, there are real life operations folks who have to run these things
> on large networks with lots of interactions among various components that
> are hard to duplicate in a lab setting (else we'd have bug free code on
> FCS).
>
> There was no singling out of IOS or any other implementation, I was just
> pointing out two fairly recent failure modes in code paths that has been
> exercised for years and deal with a "well known" RIB and adjacency
> maintenance issues. It is entirely possible that there are no bugs in
> current implementations; I just won't bet my day job on that possibility.
>
> > > Besides for those individuals who have problems with maintaining a
> > > sinlge RIB with IGP routes I would higly advise a caution in deploying
> > > an mpls-vpn service or even touching the routers :).
>
> That was uncalled for. We do have problems maintaining a single RIB with
> IGP routes sometimes, mostly they are due to buggy implementations.
>
> /vijay
