MPLS design advice needed

misa2 · February 27, 2014, 8:03pm

Hello guys and gals.

I need some advice about MPLS setup. I have a lot of sites, and i want each site to have same 4 vlans. I would like to use MPLS to make L3VPN infrastructure. L3VPN topology will be hub and spoke, and all spoke site vlans will have static routes to hub site vlan (for each vlan separately). MPLS cloud will have OSPF routing between P and PE routers.

Is it possible to have only one RouterOS device on each hub site, acting as both CE, and PE MPLS node at the same time? Basically, i want one RB433UAH to deliver VLAN100 on ether1, VLAN200 and VLAN300 on ether2, and VLAN400 on ether3. WDS will be part of MPLS cloud.

Does anybody have similar setup?

Cheers,
Misa

shahbazian · February 28, 2014, 10:28pm

Hello Misa.
Yes I have similar setup; network diagram like:
[router1]<–single link–>[router2]
And setup MPLS on that network.

Rememmber: Use

/mpls ldp
set use-explicit-null=yes

to preserve QoS if needed.

misa2 · March 5, 2014, 2:31pm

I’ve drawn an image of intended topology. Basically, each site has one device with 3 virtual routers for each VLAN, and central site has 3 separate routers for those VLANS. So each of those 3 central routers will have separate BGP sessions with each site.

The question is whether this topology can scale? If anybody has similar network, what are your experiences?

Cheers,
Misa

wulfgard · March 5, 2014, 9:58pm

Hello

depending if you need bandwidth handling i would advise for BGP VPLS and RSVP ( TE Tunnels )
this type of setup implies usage of

OSPF with TE support
IBGP ( using private AS number )
BGP VPLS for circuits
no need for LDP

if you use ospf in P2P you will get a very stable and expandable network
we are using this since ROS 5.25 and now with ROS 6.9

a+
Thierry

misa2 · March 5, 2014, 10:54pm

VPLS is an interesting suggestion indeed, but it’s a L2VPN solution. I need L3VPN. As i said, i have ospf between all routers, and i will use MP-BGP on edge routers for connecting spoke vrfs with hub routers. I won’t have direct spoke to spoke connectivity like full mesh. All traffic has to go over hub router.

I am very concerned with hub routers being single point of failure. If one of them fails, the vlan it serves goes down in all sites.

Traffic engineering is not a priority at this moment, but it will be eventually.

Cheers,
Misa

wulfgard · March 6, 2014, 10:11am

You can mix L2 and L3 at the same time and with VPLS vlan does not go down if one site is dead
BGP VPLS protects you also from MAC broadcast with usage of horizon feature
when you use BGP VPLS you will have VPLS link from all routers to all routers in the same VPLS (full mesh)

a+
Thierry

misa2 · March 7, 2014, 6:59am

Thanks for the suggestion Thierry, but i will have hundreds of sites with same setup. Therefore I need L3VPN, and i need it with hub and spoke topology. Those hundreds of sites don’t have the need to communicate with each other, and equipment there has to be cheap and simple. That is why i need one RB433UAH on those sites doing everything, including being MPLS PE router.

Again to make it simple: one RB433UAH on each of hundreds of sites, with 3 MP-BGP sessions to 3 hub routers. Will this scale to thousands of devices? How to protect from hub router failure? Do i need BGP route reflectors, and how many?

If someone has good article, or book to point me to, i will be grateful.

Cheers,
Misa