nordunet nordic infrastructure for research & education lhcone p2p routing without dynamic...

Post on 05-Jan-2016

215 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

NORDUnet Nordic Infrastructure for Research & Education

LHCone P2P routingwithout dynamic router

configuration

Magnus Bergroth

NORDUnetNordic infrastructure for Research & Education

LHC sites

NORDUnetNordic infrastructure for Research & Education

GPN BGP

Advertise reachability

NORDUnetNordic infrastructure for Research & Education

BGP Peering

eBGP TCP, local IP – remote IP local AS – remote AS

NORDUnetNordic infrastructure for Research & Education

P2P

NORDUnetNordic infrastructure for Research & Education

P2P Single Vlan

Point to point Single connection

NORDUnetNordic infrastructure for Research & Education

P2P Full Mesh Vlans

Point to point A - B, Vlan 1 B – C, Vlan 2 C – A, Vlan 3

NORDUnetNordic infrastructure for Research & Education

P2P n x subinterface

Use the first available unused vlanP2P swap vlan-id if needed

NORDUnetNordic infrastructure for Research & Education

IP single VlanFull mesh of BGP sessions BGP establish when links goes up.

NORDUnetNordic infrastructure for Research & Education

IP Vlan meshVlan tied to site, pre configured ip /31 per Vlan.BGP or static routing with BFD

NORDUnetNordic infrastructure for Research & Education

n x subinterfaceOther side unknown IP addresses can’t be assigned. Un-numbered not possible with BGP. RIP can advertise reachability over un-numbered interfaces. BFD to faster detect link status

NORDUnetNordic infrastructure for Research & Education

Summary

Single Vlan

Mesh Vlans

n x Vlans

Connectivity

One site at the time

Any to any n sites at the time

IP addressing

Shared IP space

IP peer vlan

Un-numbered

Routing BGP BGP, Static with BFD

RIP with BFD

NORDUnetNordic infrastructure for Research & Education

Usage of P2P

All traffic between sites will use available P2P links

NORDUnetNordic infrastructure for Research & Education

Advertise subset of IP space

Statefull firewall kills asymmetric traffic

NORDUnetNordic infrastructure for Research & Education

Filter/Policy based forwarding

NORDUnetNordic infrastructure for Research & Education

Filter/Policy based forwarding

NORDUnetNordic infrastructure for Research & Education

Out of this scope

Have software that controls the Border Routers and inserts Policy/Filter based rules.Source IP + port, Destination IP + port pointing to P2P vlan.

NORDUnetNordic infrastructure for Research & Education

Last slide, out of ideas

top related