Jump to content
inferno1976

CCIE SP written 400-201 new dumps

Recommended Posts

You should. You need at least 5 posts to send a PM. Could be 10 also, I would have to check the forum rules. But so can u ;)

Share this post


Link to post
Share on other sites

Also, regarding what would be the number of labels between ASBRs for MPLS VPN services running inter-AS option C

 

I thing the answer should be 2 labels - because if inter-AS option C (next-hop-unchanged) is assumed - then the only label stack between ASBRs would comprise of IGP label for remote PE and VPN label - so label stack should be 2 ... - Thoughts ??

 

MPLS inter-AS Option B, the AS border routers (ASBR) peer with each other using an eBGP session. The ASBR also performs the function of a PE router and therefore peers with every other PE router in their AS. Packets are sent between the ASBRs through MPLS. Packets use the routing information stored in the LFIB of each ASBR. A data packet carries two levels of labels when it traverses between the ASBR:

  • The first label (IGP/Core label) directs the packet to the correct ASBR.
  • The second label (VPN route label) directs the packet to the appropriate VRF.

Reference:

Hidden Content

    Give reaction to this post to see the hidden content.

Share this post


Link to post
Share on other sites

Hi Guys, I want to discuss the question where AT says only VRF-ABC will have internet connectivity.

 

If IAR has OSPF up and running with PE1, then its safe to assume that IAR would have a return route to the NAT'd subnet.

Note that PE1 is advertising the statics into OSPF and the NAT pool config is already installing a static route for the NAT subnet

 

The only thing that is tricky is that vrf XYZ has a static default pointing to ethernet interface instead of next-hop IP which means vrf XYZ would rely on proxy ARP from PE1.

I read one document where it says in some IOS the proxy ARP function under VRF is broken - which would explain why vrf XYZ would not get connectivity but if proxy ARP works correctly, then both VRFs should be able to have connectivity... - Thoughts ??

 

You hit the nail on the head. In my opinion that is the key to the question. There is no way PE1 is going to proxy ARP requests to the internet. That means every web site would need to be proxy ARPed.... and even if PE1 sent an ARP into the internet, do you think it's going to make it to yahoo.com or apple.com? Hah. Basically, VRF-XYZ router does not have a valid default route so it cannot reach the internet.

Edited by mesmes

Share this post


Link to post
Share on other sites

MPLS inter-AS Option B, the AS border routers (ASBR) peer with each other using an eBGP session. The ASBR also performs the function of a PE router and therefore peers with every other PE router in their AS. Packets are sent between the ASBRs through MPLS. Packets use the routing information stored in the LFIB of each ASBR. A data packet carries two levels of labels when it traverses between the ASBR:

  • The first label (IGP/Core label) directs the packet to the correct ASBR.
  • The second label (VPN route label) directs the packet to the appropriate VRF.

Reference:

Hidden Content

    Give reaction to this post to see the hidden content.

 

I think that considering this is a option B there should be only one label between both ASBRs. This is because there is no IGP label between them, because no IGP is running between the ASBRs. The only label is the exchanged between them in the vpnv4 BGP session. If this was a option C then yes there would be 2 labels. The BGP (RFC3107) label + the VPN label exchanged between the RR's from each AS in the vpnv4 session.

  • Like 1

Share this post


Link to post
Share on other sites

Also, regarding what would be the number of labels between ASBRs for MPLS VPN services running inter-AS option C

 

I thing the answer should be 2 labels - because if inter-AS option C (next-hop-unchanged) is assumed - then the only label stack between ASBRs would comprise of IGP label for remote PE and VPN label - so label stack should be 2 ... - Thoughts ??

 

Hi osmankh,

 

I now it might be late for you, but you are correct, the label stack in option c is 2. Even in the case that next-hop-unchange is not used.

Share this post


Link to post
Share on other sites

You hit the nail on the head. In my opinion that is the key to the question. There is no way PE1 is going to proxy ARP requests to the internet. That means every web site would need to be proxy ARPed.... and even if PE1 sent an ARP into the internet, do you think it's going to make it to yahoo.com or apple.com? Hah. Basically, VRF-XYZ router does not have a valid default route so it cannot reach the internet.

 

Hi,

 

My answer is A - Both CEs will have connectivity.

 

Besides what you already discuss, It works because two things happens:

First, the router who has static route pointing to the interface sends ARP request for every packet with unknown destination.

 

Second, the "ip proxy-arp" command is enabled by default in routers. When router gets the arp request with destination for network that it has in its routing table it sends reply with his mac address in ARP packet for this destination.

Share this post


Link to post
Share on other sites

Hi,

 

My answer is A - Both CEs will have connectivity.

 

Besides what you already discuss, It works because two things happens:

First, the router who has static route pointing to the interface sends ARP request for every packet with unknown destination.

 

Second, the "ip proxy-arp" command is enabled by default in routers. When router gets the arp request with destination for network that it has in its routing table it sends reply with his mac address in ARP packet for this destination.

 

No, man, you are wrong. Proxy ARP is designed to work when there is one router between two local subnets. It's a way to cheat in a small way. It isn't going to work when the host is somewhere off in the internet several hops away. I work for a major ISP and I can tell you that proxy arp is disabled on all of our internet routers.... and I think on IOS XR it is disabled by default anyway.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...