I was advised not to touch the route reflectors in an ISP

dppagc Member Posts: 293
I understand what the RR does. It advertises next hop information so that the PE routers don't need to form a full mesh. The PE routers in turn store RD and RT information. However, I don't understand why I am not to touch the route reflectors:

1) There is another RR in the network for redundancy
2) The PE routers are also critical since they store the RT and RD information. So why am I not told not to touch these devices?

Comments

  • Iristheangel Mod Posts: 4,133 Mod
    As far as why not to touch the device, you might not be senior enough or trusted enough yet. From some of the questions and feedback on this forum, it still sounds like you've still got a ways to go before you're ready. Just lab on your own and try to better yourself instead of chasing paper... it sounds like you chased certifications without really taking in the knowledge from some of the questions you've asked on here. Focus more on catching up. Walk before you run.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • Bardlebee Member Posts: 264 ■■■□□□□□□□
    I guess I don't quite understand what you're getting at. Has your job told you not to touch the RR and the PE devices for the MPLS communications? If so, this just might be the employer stating not to do it, period. If you're a CCNP R/S maybe they have concerns about your knowledge of SP functionalities. I'm studying CCIE R/S, it has MPLS L3VPNs in it, but I don't consider myself an expert so take some of this with a grain of salt or what not. And please someone correct my logic if I'm incorrect.

    RTs are not stored anywhere per se, they are actually attached to the prefixes when advertised as community strings. Once they come inbound to the destination PE, that destination PE needs to be configured with a VRF that has an import policy or an import syntax with said community. You'd generally see this as an export to import relationship, where "VRF A" on router A has export 100:200 and "VRF B" on router B has import 100:200. This is where you can play a few games and import based on the community string, where you can import to any VRF really, as long as you have the import syntax, with the right community. Further, you can create import policies through route-maps for specific direction.

    RDs are there to distinguish (their name is route distinguishers) between like-routes. MPLS I think is so popular because it scales perfectly with internal routes. If two customers have 192.168.100.0/24 where do I send that? What neighbor needs that information? But if I have 192.168.100.0/24:100:200 and another customer has 192.168.100.0/24:200:300 I know those belong to different neighbor advertisements.

    Anyway, I don't think you're asking for a lesson, but to answer your question. Sounds like you're new to the job, maybe you're new to MPLS, I wouldn't want you messing with it either. Lab up, learn and show your boss you're ready and I'm sure they'll oblige with more and more responsibility.
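
Added example, not part of Bardlebee's post or the thread: a small Python model of the RD and RT behaviour described above, showing that two customers' identical prefixes stay distinct at the route reflector and that one extra import RT on a PE pulls another customer's route into a VRF. The VRF names, PE names, RD values and the 200:300 RT are constructed; one RD per customer is an assumption of this model, and the NLRI is written RD:prefix.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Vpnv4Route:
    rd: str          # route distinguisher: makes the prefix unique
    prefix: str      # customer IPv4 prefix
    rts: frozenset   # route targets, carried as extended communities
    next_hop: str    # originating PE

@dataclass
class Vrf:
    name: str
    rd: str
    export_rts: frozenset
    import_rts: frozenset
    rib: dict = field(default_factory=dict)

    def export(self, prefix, pe):
        # The RTs are attached to the advertisement, not stored per VRF.
        return Vpnv4Route(self.rd, prefix, self.export_rts, pe)

    def import_from(self, routes):
        # Import is decided only by RT overlap; the RD plays no part.
        for r in routes:
            if self.import_rts & r.rts:
                self.rib.setdefault(r.prefix, []).append((r.rd, r.next_hop))

def reflect(routes):
    # The RR keys on RD:prefix, so overlapping customer space never collides.
    return {f"{r.rd}:{r.prefix}": r for r in routes}

def run(b_import_rts):
    # PE1 (constructed): both customers use 192.168.100.0/24.
    a1 = Vrf("CUST_A", "65000:1", frozenset({"100:200"}), frozenset({"100:200"}))
    b1 = Vrf("CUST_B", "65000:2", frozenset({"200:300"}), frozenset({"200:300"}))
    table = reflect([a1.export("192.168.100.0/24", "PE1"),
                     b1.export("192.168.100.0/24", "PE1")])
    # PE2 (constructed): CUST_B's import list is the variable under test.
    a2 = Vrf("CUST_A", "65000:1", frozenset({"100:200"}), frozenset({"100:200"}))
    b2 = Vrf("CUST_B", "65000:2", frozenset({"200:300"}), frozenset(b_import_rts))
    for vrf in (a2, b2):
        vrf.import_from(table.values())
    return table, a2.rib, b2.rib

def leaked(rib, own_rd):
    # Routes in a VRF that carry a different customer's RD (model assumption).
    return sorted((p, rd) for p, es in rib.items() for rd, _ in es if rd != own_rd)

if __name__ == "__main__":
    for imports in ({"200:300"}, {"200:300", "100:200"}):
        table, rib_a, rib_b = run(imports)
        print(sorted(imports), sorted(table), leaked(rib_b, "65000:2"))
```
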
  • daveyb Member Posts: 28 ■□□□□□□□□□
    There are many things that can go wrong if you screw up an RR config.

    If one goes down, all the RR clients need to recalculate their RIB, and reprogram the FIB. If you are running any older platforms, this could cause serious issues. Even worse is a BGP flap. Removing, then reinstating all 2+Million routes! Ouch!

    The 2 RRs may be configured in such a way to promote ECMP. Due to BGP only announcing their best route (historically; BGP Addpaths solves this, but it's a relatively new feature), your network may be configured in such a way for your RRs to advertise a different route for each prefix to each of the PEs. Taking one down would break this.

    RRs are typically off the forwarding plane, and as such likely have small links. nx10GE/40GE/100GE interfaces on a dedicated RR doesn't make much sense. If you screw up the policy traffic could end up flowing through the RR, likely congesting on its low capacity links.

    If you screw up the config on a PE, the worst the impact is likely to be is the customers on that PE are affected. If you screw up the config on an RR, all customers may be affected (and depending on your management network, may require a drive to a DC!)

    Dropping BGP on a PE will require all routers to update their RIB etc, but the amount of routes carried on a PE will be significantly lower than the sum of all routes on your network.

    RRs typically have a fairly simple configuration and it rarely needs changing. Due to the massive potential impact if something does go wrong, they are usually left well alone outside of change windows, even by the most experienced engineers (though perhaps witnessing issues caused by this gives them the experience?)