Here I will be comparing the BGP and MP-BGP update messages. MP-BGP is used for MPLS VPNs, which requires the addition of a new address family, VPNv4. It also supports MPLS.

Standard BGP UPDATE message:

[img]http://imgur.com/AnTde.png[/img]

MP-BGP UPDATE message with MPLS VPN info:

[img]http://imgur.com/cgzum.png[/img]

Both update messages...

MPLS part 2
MPLS VPNs

1. Overview of MPLS VPNs

It is important to note that the term “VPN” is indicative of a private network, this does not implicitly guarantee encryption. We are so used to IPsec or SSL VPNs that we assume this to be the case. MPLS VPNs do not make use of encryption or authentication, for now. In its simplest sense, an...

Being that BGP must support the entire internet routing table (335620 prefixes as of this writing), it requires a special degree of tunability. In addition to the size and complexity of the BGP table, by design the border gateway patrol is “Path Vector” which means that by default routing decisions are made in a very similar fashion to IGPS...

BGP Route Reflectors, or “Disabling BGP split horizon”

One of the most dreaded stipulations of the Border Gateway Patrol, as taken directly from RFC4271:

“When a BGP speaker receives an UPDATE message from an internal peer, the receiving BGP speaker SHALL NOT re-distribute the routing information contained in that UPDATE message to other...

MPLS Part 1

1. Why MPLS?

MPLS itself offers large networks and ISPs the ability to reduce the number of BGP speakers in the core. Imagine a large, distributed WAN with 250 routers. Maintaining the iBGP peerings, between route reflectors and confederations, can be a daunting and time consuming process. Furthermore BGP is a slow and cumbersome...

Often times organizations will use IPs from the 250.0.0.0/8 block as loopback IPs.

This allows the loopback to be the highest IP address without interfering in internet routing. 250.0/8 is in the Class E, or Experimental IP block. Under normal circumstances most organizations will never need to route to 250-255.0/8.

Remember to add routes in...

"Invalid until peer or address match is specified" or "Check your ACLs"

Much like defining interesting traffic on DDR or QoS/Route-maps/DHCP pools crypto maps make use of ACLs to identify traffic to be encrypted (tunnel).

Upon reloading an archived and outdated version of a config file on their replacement router, a junior...