Re: [Idr] New Version Notification for draft-wang-idr-rd-orf-03.txt

[Gyan Mishra <hayabusagsm@gmail.com>]

Agreed that AB is a nice hybrid of A VRF data plane isolation security with
the scalability of single VPN session which was the drawback for optA.

We will add some verbiage around AB as that is as you suggested much more
common as it resolved the pitfalls of both A and B.

Thanks

Gyan

On Wed, Aug 26, 2020 at 12:19 PM Robert Raszuk <robert@raszuk.net> wrote:

>
> Just to add one point I forgot to mention - You can also enable and use
> Inter-as option "*AB"*
>
> Protection as good as in option A with inherent native scalability of
> option B. Has been supported and deployed for years ...
>
> Thx,
> R.
>
> REF:
> https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_ias_and_csc/configuration/xe-16/mp-ias-and-csc-xe-16-book/mpls-vpn-inter-as-option-ab.html
>
>
> On Wed, Aug 26, 2020 at 6:08 PM Robert Raszuk <robert@raszuk.net> wrote:
>
>>
>> > Gyan> The primary use case is for inter as opt a or b flood of routes
>> and there it is very difficult to control
>> > in either scenario as it is going between administrative domains.
>>
>> For inter-as option A you should use prefix limit between VRFs.
>>
>> For inter-as option B & C it is very seldom to see opening up anyone's
>> network across different admin domains. Lot's of things can break. The only
>> deployments I have seen for option B & C were across multiple domains under
>> the *same* administration.
>>
>> However if you are concerned about B & C I would rather ask your vendor
>> to provide perfix limit on a per RD basis for VPNv4/v6 or EVPN sessions -
>> no best path run needed. Very simple implementation extension and you are
>> protected without any bgp protocol extensions.
>>
>> Thx,
>> R.
>>
>>
>>
>>
>>
>>
>>
>>
>
> --

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *



*M 301 502-134713101 Columbia Pike *Silver Spring, MD