network mergers and migrations€¦ · network mergers and migrations: junos design and...

Network Mergers andMigrations:

Junos� Design and Implementation

Gonzalo Gómez Herrero

Professional Services, Juniper Networks, Inc

Jan Antón Bernal van der Ven


A John Wiley and Sons, Ltd, Publication

Network Mergers and Migrations

WILEY SERIES IN COMMUNICATIONS NETWORKING & DISTRIBUTEDSYSTEMS

Series Editor: David Hutchison, Lancaster University, Lancaster, UKSerge Fdida, Universitè Pierre et Marie Curie, Paris, FranceJoe Sventek, University of Glasgow, Glasgow, UK

The ‘Wiley Series in Communications Networking & Distributed Systems’ is a seriesof expert-level, technically detailed books covering cutting-edge research, and brand newdevelopments as well as tutorial-style treatments in networking, middleware and softwaretechnologies for communications and distributed systems. The books will provide timelyand reliable information about the state-of-the-art to researchers, advanced students anddevelopment engineers in the Telecommunications and the Computing sectors.

Other titles in the series:

Wright: Voice over Packet Networks 0-471-49516-6 (February 2001)Jepsen: Java for Telecommunications 0-471-49826-2 (July 2001)Sutton: Secure Communications 0-471-49904-8 (December 2001)Stajano: Security for Ubiquitous Computing 0-470-84493-0 (February 2002)Martin-Flatin: Web-Based Management of IP Networks and Systems 0-471-48702-3(September 2002)Berman, Fox, Hey: Grid Computing. Making the Global Infrastructure a Reality0-470-85319-0 (March 2003)Turner, Magill, Marples: Service Provision. Technologies for Next GenerationCommunications 0-470-85066-3 (April 2004)Welzl: Network Congestion Control: Managing Internet Traffic 0-470-02528-X (July 2005)Raz, Juhola, Serrat-Fernandez, Galis: Fast and Efficient Context-Aware Services0-470-01668-X (April 2006)Heckmann: The Competitive Internet Service Provider 0-470-01293-5 (April 2006)Dressler: Self-Organization in Sensor and Actor Networks 0-470-02820-3 (November 2007)Berndt: Towards 4G Technologies: Services with Initiative 0-470-01031-2 (March 2008)Jacquenet, Bourdon, Boucadair: Service Automation and Dynamic Provisioning Techniquesin IP/MPLS Environments 0-470-01829-1 (March 2008)Minei/Lucek: MPLS-Enabled Applications: Emerging Developments and NewTechnologies, Second Edition 0-470-98644-1 (April 2008)Gurtov: Host Identity Protocol (HIP): Towards the Secure Mobile Internet 0-470-99790-7(June 2008)Boucadair: Inter-Asterisk Exchange (IAX): Deployment Scenarios in SIP-enabled Networks0-470-77072-4 (January 2009)Fitzek: Mobile Peer to Peer (P2P): A Tutorial Guide 0-470-69992-2 (June 2009)Shelby: 6LoWPAN: The Wireless Embedded Internet 0-470-74799-4 (November 2009)Stavdas: Core and Metro Networks 0-470-51274-1 (February 2010)

Network Mergers andMigrations:

Junos� Design and Implementation

Gonzalo Gómez Herrero


Jan Antón Bernal van der Ven


A John Wiley and Sons, Ltd, Publication

This edition first published 2010c© 2010 John Wiley & Sons Ltd

Registered officeJohn Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ,United Kingdom

For details of our global editorial offices, for customer services and for information about how to applyfor permission to reuse the copyright material in this book please see our website at www.wiley.com.

The right of the author to be identified as the author of this work has been asserted in accordance withthe Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, ortransmitted, in any form or by any means, electronic, mechanical, photocopying, recording orotherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the priorpermission of the publisher.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in printmay not be available in electronic books.

Designations used by companies to distinguish their products are often claimed as trademarks. Allbrand names and product names used in this book are trade names, service marks, trademarks orregistered trademarks of their respective owners. The publisher is not associated with any product orvendor mentioned in this book. This publication is designed to provide accurate and authoritativeinformation in regard to the subject matter covered. It is sold on the understanding that the publisher isnot engaged in rendering professional services. If professional advice or other expert assistance isrequired, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data

CIP data to follow

A catalogue record for this book is available from the British Library.

ISBN 9780470742372 (PB)

Set in 10/12pt Times by Sunrise Setting Ltd, Torquay, UK.Printed and Bound in Great Britain by Antony Rowe, Chippenham, Wiltshire.

www.wiley.com

Advanced Praise for Network Mergers and Migrations

“Having been through the network migrations of both SBC-Ameritech, and SBC-AT&T, this book providesvaluable direction and advice to an operator that would be useful when dealing with mergers andmigrations. It is about time that someone wrote a book covering not just green field network design, buthow do you merge networks together while maintaining the needs of the business.”

Tom Scholl, Principal IP Network Engineer, IP/MPLS Backbone Design and Development, AT&T Labs

“I have never read such an excellent book detailing so much about Juniper router operation and designknowledge in depth, not only it has helped me with operating all of our Juniper routers in our nationalbackbone network more efficiently, but also on improving my design knowledge as well.”

Ji Hui, Senior Manager, China Telecom Group Corporation

“Network Mergers and Migrations gives a clear idea of the difficulty of merging or migrating IP networks,and it is a great help for engineers that have to face this type of operation for the first time or evenrepeatedly.”

Chiara Moriondo, Senior Engineer, Telecom Italia Labs

“Network Mergers and Migrations provides an original approach to IP and MPLS instruction that is righton target. When combined with the depth of technical information and case studies contained within, theresult is an irreplaceable resource for any network engineer.”

Chris Grundemann, Senior Engineer, tw telecom, inc.

“Network Mergers and Migrations is a thorough guide for anyone involved in a wide range of networkconsolidation and integration exercises. The authors use Junos as a technical focus for their exampleskeeping the concepts related to some of the more relevant protocols and topics in current IP and MPLSnetworks. It’s a must-have book for anyone wishing to further enhance their protocol knowledge base.”

Shafik Hirjee, Bell Canada, Director, National MPLS/IP Core Network Engineering

“We operate the largest R&E network in the world using Juniper T640s, and my job often involves networkplanning and design. I have found this book to be just the one I need. I thought I knew Junos, but theseauthors are at an unprecedented level.”

Zheng Zhiyan, Senior Engineer, Network Operation Center, CNGI-6IX/CERNET2

“Recommended reading for networkers who like to look into complex and detailed network migrationscenarios, as well as those interested in a better understanding of Junos implementation of common ISPprotocols.”

Andreas Weiner, Network Engineer/IP Backbone, Telekom Austria TA AG

“Network Mergers and Migrations provides network operators a comprehensive reference for networkmigration. The level of detail included in this book is exceptional. It’s a thorough guide for any networkprofessional who are involved with network migration.”

Mazen A. Baragaba & Eid Al Harbi Communications Engineers, Communications Operations Depart-ment, Saudi Aramco

“Efficient IP network planning and management involves more than just the in-depth knowledge oftheory. This book helps the reader gain a thorough understanding of the Junos routing architecture viapractical and useful case studies, resulting in smooth and clean transitions between different networkimplementations. The clear and concise exposition make this book a pleasure to read and a usefulcompanion during work.”

Giorgio Lembo, R&D Director, Tinet S.p.A.

“Network Mergers and Migrations describes in detail the basics of L3VPN architectures while providinga clear and detailed roadmap for various migration scenarios. Even for telcos (operators) that are notimplied in migration phases, a lot of great advice is provided for designing network architectures basedon Junos software.”

David Roy, Orange France, RBCI IP Technical Assistance Center

“Network Mergers and Migrations is much more than a reference for all relevant IP protocols today, it isa book of practical examples for your daily work and should be on the desk of everyone who has to dealwith network migrations and mergers.”

Christian Kaufmann, Senior Manager Network Architecture, Akamai Technology

“An invaluable guide for anyone about to undertake a network merger, full of appropriate case studies andJunos tips to back up the concepts discussed.”

Keith Slater, NOC Manager, Cable&Wireless Worldwide

“The best book on operating Junos router networks!”

Jia Yan, Director, Network Maintenance Center, China Telecom Group Beijing Corporation

“Sooner or later in their careers, network professionals will be faced with a network merger or migration.This book covers all technical aspects of the problems encountered during a migration or merger andprovides the best practices and techniques on how to perform the task with the minimal impact on customerservices. A must have in any network professional’s library.”

Otto Kreiter, Service Introduction Manager, DANTE Ltd.

Contents

List of Junos Tips xiii

List of Application Notes xv

List of “What ifs” xvii

About the Authors xix

Series Foreword xxi

Foreword xxiii

Acknowledgments xxv

Acronyms xxvii

Introduction xxxi

1 Dealing with Routes within a Junos OS Based Router 11.1 Route Handling Features inside a Junos OS Based Router . . . . . . . . . . . 1

1.1.1 Instances and RIB tables . . . . . . . . . . . . . . . . . . . . . . . . 21.1.2 Grouping RIBs together . . . . . . . . . . . . . . . . . . . . . . . . 51.1.3 Instructing protocols to use different RIBs . . . . . . . . . . . . . . . 81.1.4 Automatic RIB groups and VPN routes . . . . . . . . . . . . . . . . 101.1.5 Local redistribution using the vrf-import option . . . . . . . . . . . . 12

1.2 RIB Route Advertisement at MPLS Layer 3 VPNs . . . . . . . . . . . . . . 131.2.1 Levels of advertisement policy – vpn-apply-export . . . . . . . 141.2.2 Path selection mode in Junos OS . . . . . . . . . . . . . . . . . . . . 151.2.3 RIB group versus auto-exported routes . . . . . . . . . . . . . . . . 171.2.4 RIB selection – no-vrf-advertise . . . . . . . . . . . . . . . . 17

1.3 Directing Traffic to Forwarding Tables . . . . . . . . . . . . . . . . . . . . . 181.3.1 Adding a routing table next hop to a static route . . . . . . . . . . . . 181.3.2 Using packet filtering to control the forwarding process . . . . . . . . 191.3.3 Usage guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191.3.4 Risks of decoupling routing and forwarding . . . . . . . . . . . . . . 20

viii CONTENTS

1.4 Case Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211.4.1 Original network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211.4.2 Target network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231.4.3 Migration strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . 241.4.4 Stage one: Building an MPLS L3VPN . . . . . . . . . . . . . . . . . 271.4.5 Stage two: Preparatory work at spoke sites . . . . . . . . . . . . . . 301.4.6 Stage three: Preparatory work at headquarters . . . . . . . . . . . . . 311.4.7 Stage four: Preparatory work at the data center . . . . . . . . . . . . 371.4.8 Stage five: Move of data center site to CORP VRF . . . . . . . . . . 421.4.9 Stage six: Moving first spoke site router Inverness to CORP VRF . . 481.4.10 Stage seven: Monitoring and anomaly detection . . . . . . . . . . . . 481.4.11 Stage eight: Move of remaining spoke sites to CORP VRF . . . . . . 511.4.12 Stage nine: Hub traffic to data center to follow CORP VPN . . . . . . 551.4.13 Stage ten: Migration cleanup . . . . . . . . . . . . . . . . . . . . . . 561.4.14 Migration summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Further Reading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

2 Link-State IGP Migrations 612.1 Link-state IGP Hierarchical Migrations . . . . . . . . . . . . . . . . . . . . 63

2.1.1 Motivations for link-state IGP hierarchical migrations . . . . . . . . 632.1.2 Generic strategies for link-state IGP hierarchical migrations . . . . . 672.1.3 Resources for link-state IGP hierarchical migrations . . . . . . . . . 92

2.2 Link-state IGP Domain Migrations . . . . . . . . . . . . . . . . . . . . . . . 1092.2.1 Considerations for a link-state IGP migration . . . . . . . . . . . . . 1092.2.2 Generic strategies for a link-state IGP migration . . . . . . . . . . . 1142.2.3 Resources for a link-state IGP migration . . . . . . . . . . . . . . . . 118

2.3 Case Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1482.3.1 Original network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1492.3.2 Target network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1502.3.3 Migration strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . 1532.3.4 Stage one: IS–IS Level 2 activation in domain “Cyclone” . . . . . . . 1542.3.5 Stage two: Route redistribution at domain “Monsoon” . . . . . . . . 1662.3.6 Stage three: IS–IS protocol adaption at domain “Mistral” . . . . . . . 1772.3.7 Stage four: Domain interconnection via IS–IS Level 2 . . . . . . . . 1852.3.8 Stage five: Integration of router Lille in the IS–IS domain . . . . . . 1862.3.9 Stage six: Global connectivity verification . . . . . . . . . . . . . . . 1912.3.10 Stage seven: OSPFv2 to IS–IS Level 2 transition in

domain “Cyclone” . . . . . . . . . . . . . . . . . . . . . . . . . . . 2032.3.11 Stage eight: Address renumbering and OSPFv2 replacement with

IS–IS in domain “Monsoon” . . . . . . . . . . . . . . . . . . . . . . 2102.3.12 Stage nine: IS–IS Level 1 authentication and route-leaking adaption

in domain “Mistral” and router Lille . . . . . . . . . . . . . . . . . . 2212.3.13 Migration summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 223


CONTENTS ix

3 BGP Migrations 2293.1 Motivations for BGP Migrations . . . . . . . . . . . . . . . . . . . . . . . . 2313.2 Considerations for BGP Migrations . . . . . . . . . . . . . . . . . . . . . . 233

3.2.1 Protocol messages . . . . . . . . . . . . . . . . . . . . . . . . . . . 2343.2.2 Capability advertisement . . . . . . . . . . . . . . . . . . . . . . . . 2363.2.3 Address families . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2373.2.4 Implications of public AS change . . . . . . . . . . . . . . . . . . . 2383.2.5 AS numbers in route advertisements . . . . . . . . . . . . . . . . . . 2393.2.6 AS-related attributes in advertisements . . . . . . . . . . . . . . . . 2403.2.7 Internal peering topologies . . . . . . . . . . . . . . . . . . . . . . . 2423.2.8 Keep last active route with BGP equal cost external paths . . . . . . 2453.2.9 Grouping policy with communities . . . . . . . . . . . . . . . . . . 2463.2.10 Handling of protocol next-hop changes . . . . . . . . . . . . . . . . 246

3.3 Generic Strategies for BGP Migrations . . . . . . . . . . . . . . . . . . . . . 2483.3.1 Leverage protocol layering . . . . . . . . . . . . . . . . . . . . . . . 2493.3.2 Adding redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . 2493.3.3 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2493.3.4 Beware of IP routers in transit . . . . . . . . . . . . . . . . . . . . . 2503.3.5 Coordinating external peering changes . . . . . . . . . . . . . . . . . 2503.3.6 Best-path selection . . . . . . . . . . . . . . . . . . . . . . . . . . . 2513.3.7 Changing IBGP topologies . . . . . . . . . . . . . . . . . . . . . . . 251

3.4 Junos OS Implementation of BGP . . . . . . . . . . . . . . . . . . . . . . . 2533.4.1 Inbound . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2533.4.2 Adj-RIB-In . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2543.4.3 Loc-RIB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2553.4.4 Adj-RIB-Out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

3.5 Resources for Junos OS BGP Migrations . . . . . . . . . . . . . . . . . . . . 2573.5.1 Advertisement of inactive BGP routes . . . . . . . . . . . . . . . . . 2573.5.2 Flexible identification of the local AS . . . . . . . . . . . . . . . . . 2573.5.3 Allowing for AS loops . . . . . . . . . . . . . . . . . . . . . . . . . 260

3.6 Case Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2603.6.1 Original network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2603.6.2 Target network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2653.6.3 Migration strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . 2663.6.4 Stage one: Confederating domain “Cyclone” . . . . . . . . . . . . . 2683.6.5 Stage two: Confederating domain “Mistral” . . . . . . . . . . . . . . 2733.6.6 Stage three: First confederation peering to bind both sub-AS domains

together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2773.6.7 Stage four: Monitoring period . . . . . . . . . . . . . . . . . . . . . 2783.6.8 Stage five: CBGP deployment and EBGP cleanup between domain

“Cyclone” and domain “Mistral” . . . . . . . . . . . . . . . . . . . . 2843.6.9 Stage six: External peering on new 4-byte AS . . . . . . . . . . . . . 2853.6.10 Stage seven: Bringup IBGP peerings to Lille . . . . . . . . . . . . . 2883.6.11 Stage eight: Enable route reflection on router Lille . . . . . . . . . . 2923.6.12 Stage nine: Switch router Nantes to the 4-byte AS . . . . . . . . . . . 2923.6.13 Stage ten: Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . 294

x CONTENTS

3.6.14 Stage eleven: Roll out and cleanup . . . . . . . . . . . . . . . . . . . 2943.6.15 Migration summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 294


4 MPLS label distribution Migrations 2974.1 Motivations for MPLS label distribution Migrations . . . . . . . . . . . . . . 2974.2 Considerations for MPLS label distribution Migrations . . . . . . . . . . . . 2984.3 Generic Strategies for an MPLS label distribution protocol Migration . . . . . 300

4.3.1 MPLS label distribution protocol coexistence . . . . . . . . . . . . . 3004.3.2 MPLS label distribution protocol redistribution . . . . . . . . . . . . 3014.3.3 MPLS label distribution protocol overlay . . . . . . . . . . . . . . . 3034.3.4 MPLS label distribution protocol parameterization . . . . . . . . . . 303

4.4 Resources for an MPLS label distribution protocol Migration . . . . . . . . . 3044.4.1 MPLS label distribution protocol preference . . . . . . . . . . . . . . 3054.4.2 Resources to control LDP label distribution . . . . . . . . . . . . . . 3064.4.3 Resources for route installation with RSVP-TE . . . . . . . . . . . . 3124.4.4 Resources for label advertisement and route resolution with Labeled

BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3214.5 Case Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324

4.5.1 Original network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3244.5.2 Target network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3264.5.3 Migration strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . 3274.5.4 Stage one: Labeled BGP deployment over LDP in domain “Mistral” 3314.5.5 Stage two: Labeled BGP deployment over RSVP-TE in domain

“Cyclone” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3464.5.6 Stage three: Labeled BGP interconnect between domain “Cyclone”

and domain “Mistral” . . . . . . . . . . . . . . . . . . . . . . . . . . 3524.5.7 Stage four: Redundant label binding distribution over domain

“Monsoon” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3574.5.8 Stage five: MPLS integration and interconnect via router Lille . . . . 3604.5.9 Stage six: LDP activation in all domains . . . . . . . . . . . . . . . . 3644.5.10 Migration summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 370


5 MPLS Layer 3 VPN Migrations 3755.1 Motivations for Layer 3 VPN Migrations . . . . . . . . . . . . . . . . . . . . 376

5.1.1 Security enforcement . . . . . . . . . . . . . . . . . . . . . . . . . . 3765.1.2 Communication flow handling . . . . . . . . . . . . . . . . . . . . . 3775.1.3 Service multiplexing . . . . . . . . . . . . . . . . . . . . . . . . . . 3775.1.4 Route manipulation . . . . . . . . . . . . . . . . . . . . . . . . . . . 3775.1.5 Routing redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . 378

5.2 Considerations for Layer 3 VPN Migrations . . . . . . . . . . . . . . . . . . 3785.2.1 Layer 3 VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3785.2.2 RIP as PE–CE protocol . . . . . . . . . . . . . . . . . . . . . . . . . 382

CONTENTS xi

5.2.3 OSPFv2 as PE–CE protocol . . . . . . . . . . . . . . . . . . . . . . 3855.2.4 EBGP as PE–CE protocol . . . . . . . . . . . . . . . . . . . . . . . 3895.2.5 IBGP as PE–CE protocol . . . . . . . . . . . . . . . . . . . . . . . . 3905.2.6 Inter-AS options . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3915.2.7 Carrier Supporting Carrier (CsC) . . . . . . . . . . . . . . . . . . . . 397

5.3 Generic Strategies for L3VPN Migrations . . . . . . . . . . . . . . . . . . . 3985.3.1 Layer VPN Route Target mapping . . . . . . . . . . . . . . . . . . . 3985.3.2 Layer 3 VPN Route Distinguiser mapping . . . . . . . . . . . . . . . 3985.3.3 Parallel L3VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3995.3.4 Interconnecting L3VPNs . . . . . . . . . . . . . . . . . . . . . . . . 399

5.4 Junos Implementation of L3VPNs . . . . . . . . . . . . . . . . . . . . . . . 3995.4.1 MPLS label allocation for L3VPNs . . . . . . . . . . . . . . . . . . 400

5.5 Resources for L3VPN Migrations . . . . . . . . . . . . . . . . . . . . . . . 4075.5.1 RIP PE–CE resources . . . . . . . . . . . . . . . . . . . . . . . . . 4075.5.2 OSPFv2 PE–CE resources . . . . . . . . . . . . . . . . . . . . . . . 4135.5.3 BGP PE–CE resources . . . . . . . . . . . . . . . . . . . . . . . . . 450

5.6 Case Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4705.6.1 Original network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4705.6.2 Target network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4715.6.3 Migration strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . 4725.6.4 Stage one: Inter-AS Option A deployment . . . . . . . . . . . . . . . 4735.6.5 Stage two: Inter-AS Option B deployment . . . . . . . . . . . . . . . 4795.6.6 Stage three: Inter-AS Option B activation . . . . . . . . . . . . . . . 4885.6.7 Stage four: Bringup of redundant Option B over CsC . . . . . . . . . 4925.6.8 Stage five: Activation of Option B over CsC . . . . . . . . . . . . . . 4965.6.9 Stage Six: Inter-AS Option C deployment in domain “Cyclone” . . . 4995.6.10 Stage Seven: Inter-AS Option C activation . . . . . . . . . . . . . . . 5035.6.11 Stage Eight: Build redundant Option C . . . . . . . . . . . . . . . . 5055.6.12 Stage Nine: Activation of redundant Option C . . . . . . . . . . . . . 5095.6.13 Migration summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 511


Index 515

List of Junos Tips

Impact in link-state IGPs of activation of a RIB group configuration . . . . . . . . . . . . . . . . . . . . .6Finding sibling tables for a prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Multi-Topology Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Use of a table filter in path selection mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17Sharing IP filters across interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32Unnumbered point-to-point interfaces in OSPFv2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81Consequences of duplicate Net-IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85Suppressing pseudonode on point-to-point Ethernet segments . . . . . . . . . . . . . . . . . . . . . . . . . 86Inspecting IGP and TEDs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158IS–IS ATTached bit setting conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179IS–IS Up/Down bit setting conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191Configuration of no-neighbor-down-notification . . . . . . . . . . . . . . . . . . . . . . . . . 209Link-state IGP overload bit utilization for intrusive works . . . . . . . . . . . . . . . . . . . . . . . . . . . .213Leaking L1 routes with wide-metrics-only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Avoiding default BGP next-hop changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247Retaining invalid routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254Grouping together BGP peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255BGP Minimum Route Advertisement Interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256Detecting a leak of confederation segments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283Handling of unsupported 4-byte AS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287Combining RSVP-TE LSP prefix association with IGP shortcuts . . . . . . . . . . . . . . . . . . . . . 318Primary routing table exclusiveness for L-BGP routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323Symptoms of route advertisement or resolution failures with external L-BGP . . . . . . . . . . 335LDP egress policy out of IGP routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345Installing a secondary loopback address for RSVP-TE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350Troubleshooting an L-BGP overlay model with inter-AS Option C . . . . . . . . . . . . . . . . . . . . 355L-BGP route selection due to “active preferred” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362Unadvertised effects of LDP-IGP synchronization when stitching domains . . . . . . . . . . . . 365Knob strict-targeted-hellos and direct LDP sessions . . . . . . . . . . . . . . . . . . . . . . 369Matching prefixes for inet-vpn routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397VRF EXP classification with vrf-table-label . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402Using per-prefix MPLS labels for balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404Choosing a table label with extranets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407Default MED population for VPN-IPv4 NLRIs with RIP metric . . . . . . . . . . . . . . . . . . . . . . 410Sham-link end point address advertisement and selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428

xiv LIST OF JUNOS TIPS

Configuring domain identifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431Inter-AS Option A based on OSPF domain identifier mismatch, DN bit, and VPNRoute Tag bleaching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443Controlling route propagation from a CE with the VPN Route Tag . . . . . . . . . . . . . . . . . . . . 447Integrate route distribution into a L3VPN without prepending the transport AS. . . . . . . . .451AS path loop avoidance by means of independent-domains . . . . . . . . . . . . . . . . . . . . 464AS path loop detection per family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465Integrating standard VPN routes with independent-domains . . . . . . . . . . . . . . . . . . . 469Traffic affected by a forwarding table filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488L3VPN EBGP sessions require multihop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496Inter-AS Option C and load balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509

List of Application Notes

Separate unicast and multicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9OSPF area migrations through secondary adjacencies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75IS–IS additional areas for seamless migrations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85Use of IS–IS authentication options to connect multiple domains . . . . . . . . . . . . . . . . . . . . . 143Use of AS numbers in documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230Reflectors on the forwarding path and the cluster ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250Migration of an IBGP AS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259Scaling L3VPNs with hierarchical PE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394Selective label allocation for hub-and-spoke VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405Mitigate loop formation with a multihomed RIP network into a L3VPN withRoute tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408Using sham links to integrate a legacy OSPFv2 network into a L3VPN . . . . . . . . . . . . . . . . 415Dismantling sham links and selecting adequate Domain Identifiers for route translation . 431Integrating route distribution and attributes into an L3VPN with independent domains . . 455

List of “What ifs”

Data center traffic bypassing the helper table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44Data center not visible in global routing table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46Route selection, MPLS forwarding, and IP forwarding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161OSPF external routes vs IS–IS internal routes via wide-metrics-only . . . . . . . . . . . 172Mutual protocol redistribution at several points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175Route preference for locally injected prefixes with IS–IS Up/Down bit set . . . . . . . . . . . . . 206Keeping internal peers on the old AS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273AS selection when both sides use alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274Redistribution of LDP and L-BGP in domain “Mistral” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341Redistribution of RSVP-TE and L-BGP in domain “Cyclone” . . . . . . . . . . . . . . . . . . . . . . . . 349

About the Authors

Gonzalo Gómez Herrero holds a MS in Telecommunications Engineering from theUniversity of Zaragoza (Spain) and a certificate in Postgraduate Studies in Computer Sciencefrom the Technical University of Munich (Germany). He is JNCIE-M #155, JNCIP-E #108,CCIE Routing and Switching #14068 and Juniper Certified Instructor. Prior to joining aJuniper in June 2005, he worked in various technical positions for system integrators andservice providers. He is currently a member of the EMEA Professional Services team, havingworked in the networking industry for over 10 years.

Juan Antón Bernal van der Ven (JNCI/JNCIE-M #27) holds a BS in Telecommunicationsand a MS in Electronics Engineering from the Universitat Ramon Llull (Spain). Aftercompleting a MSc in Space Telecommunications, he spent two years in the EuropeanSpace Operations Centre supporting research for ground segment operations. He joined theprofessional services arm of an ATM switching vendor in 1998, and moved to the JuniperNetworks Professional Services team in 2001.

Series Foreword

This book literally gets to the heart of the operation of modern computer networks – on whichmuch of society strongly depends for almost all aspects of life and work. It is concernedwith so-called network mergers and migrations which – in the case of migrations more thanmergers – are an increasingly frequent occurrence because networks are inevitably underconstant change.

Although the imperatives for change come mainly from business requirements, theimplications are of course translated to the technical level of the network system – to therouters and their operating environment – and it is solely at the technical level that this bookconsiders the subject.

In particular, the book treats the subject from the viewpoint of Junos R© operating system,which is the network operating system developed by Juniper Networks Inc. The two authorsare expert practitioners, with a wealth of experience in the field, and from them the readerwill gain an in-depth understanding of the issues that face network operators and also networkdesigners when faced with having to carry out changes. Both planning and implementationof solutions are covered in depth for the important network protocols, IGPs, BGP, and MPLSas the main focus.

Although the book is specifically oriented around Junos OS, the treatment is such thatreaders will learn the principles behind migration as well as a great deal of insight into thepractical issues that lie behind the deployment of IGPs, BGP, and MPLS, protocols that aredescribed in many textbooks but rarely from an operations perspective.

A key feature of this book is that each of the five chapters features a case study that takesthe reader through the steps involved in the planning and realization of a typical migrationinvolving the protocol(s) covered in that particular chapter. The net effect is a fascinatingjourney and learning experience through the normally hidden world and work of modernnetwork engineers.

This latest addition to the Wiley CNDS Series is written by two Juniper insiders. It givesa comprehensive and distinctive coverage of this important field and should appeal broadlyto researchers and practitioners in the field of communications and computer networks, notjust to those interested purely in mergers and migrations.

David HutchisonLancaster University

Foreword

Loosely translated, Heraclitus says, “Change is the only constant.” Change is one of thehallmarks of life – growth, repair, adaptation. Networks, whether those of service providers,enterprises, or data centers, are not different – they grow, they change: a new port here, asoftware upgrade there, a customer tweak elsewhere, accompanied by the perennial questfor higher bandwidth, broader services, increased scale, and ultimately, greater utility. Thesechanges, small or large, accrete almost unnoticed, until today’s network is unrecognizablefrom the network a few years ago. These changes are not always planned; they tend to bedriven by short-term tactical considerations rather than longer-term strategy. Thus, it is nosurprise that the cumulative effect is not always desired – it is what it is.

Network Mergers and Migrations: Junos R© Design and Implementation is not aboutmanaging the daily changes that occur in networks. Rather, it is about tectonic shifts innetworks: how to plan them, how to lay the groundwork for them, and most importantly,how to bring them to fruition effectively and safely. Such tectonic shifts may be needed for anumber of reasons:

• as a “course correction” of the accumulation of the smaller changes mentioned above;

• to adapt to significant technological evolution, such as cloud computing;

• to accommodate a major realignment of corporate strategy; and/or

• to optimize new business arrangements, such as mergers or partnerships.

The main characteristics of such tectonic changes are the risk involved and the concomi-tant apprehension in those who have to orchestrate the change, ranging from concern toterror. Having been in the networking business for a while, I have seen everything fromabsolute paralysis when faced with scaling the network, to an orderly transition over a coupleof weeks from one infrastructure to another, to a (successful!) overnight cut-over. Thus, the

xxiv FOREWORD

human element is a key factor in undertaking such migrations. This book addresses themwith a calm appraisal of the tools available and a diverse set of successfully engineeredcase studies. But the real value of this book lies in its deep technical understanding of theissues associated with migrations. It shows how to minimize the risk, underscores the value ofpreparation, and describes clearly a systematic process in a variety of scenarios. The authorsspeak from personal experience, and their advice is the aggregate wisdom of their own effortsas well as those of other network architects.

In the final analysis, this book is more than just a handbook for a one-time “big bang”change that you may be contemplating in your network. This book teaches a rare skill:expertise in planning and executing big bang changes, even if you don’t anticipate such aneed. The value of this skill is to lighten today’s decisions. The fast pace of technologicalinnovation and the unpredictable nature of user demand cast a deep shadow on decisionsthat must nevertheless be made. There is a fear of getting it wrong, and of having to pay asevere penalty a few years down the road, resulting in these decisions being deferred, lessthan optimal performance, and dissatisfaction among your customers. Network Mergers andMigrations: Junos R© Design and Implementation takes away the fear of the unknown andgives you a business advantage that not only makes you more nimble and able to adapt,but also frees you to make those necessary decisions today, without recourse to a crystalball, resting in the sure knowledge that you can successfully and safely realign your networkshould the need arise.

Kireeti KompellaJuniper Fellow

Acknowledgments

The rationale for this book appeared after long discussions with Patrick Ames aboutproposing innovative contents to the internetworking audience from the perspective ofengineers working for Juniper Networks Professional Services.

Patrick has been supporting us and proposing ideas focusing on network migrations sincethe very first conception of this book. He has been fundamental through the complete editorialprocess until reaching publication and this book would not have come to fruition without him.His insistence, persistence, and encouragement have definitely made this book possible.

Aviva Garrett has been instrumental through the complete review process. Her writingexperience has been a cornerstone in this book and her editorial support has been the guidinglight through to the final edition. Apart from being our writing style reference guide, she hasworked hard to improve the quality of the book and she has constantly encouraged us withher support.

Domiciano Alonso Fernández and Miguel Cros Cecilia from Telefónica España haveprovided tremendously valuable feedback to this book. They have clearly approached thework with the eyes of a service provider and emphasized and corrected numerous topicsusing their vast knowledge, experience, and lessons learned.

Peter Lundqvist has provided us with extremely helpful reviews throughout all chapters.His comprehensive review on every topic and exercise, and more important, his fantasticsense of humor have been greatly appreciated! (“yes, there are still people out there managingNSSAs!”)

We also wish to express our sincere gratitude to Ina Minei for her detailed feedbackon many technical aspects of the book, Yakov Rekhter for his vision on the history ofBGP, L3VPNs, and the related technical discussions, Bruno de Troch for his review onBGP migrations and the overall case study structure, Anantharamu Suryanarayana for hiscomments on the internal implementation of local-as, and Hannes Gredler for being theultimate technical reference guide for so many topics and questions.

Valuable discussions with Luca Tosolini provided a real-life scenario that requiredmigration from BGP confederations to route reflection.

Ignacio Vazquez Tirado, Rodny Molina Maldonado, and Pablo Mosteiro Catoria helpedto describe and understand alternative perspectives for several scenarios and situations in thebook.

Becca Nitzan and Miguel Barreiros have also contributed detailed and valuable commentson selected chapters.

Senad Palislamovic, Richard Whitney, Majid Ansari, and Doughan Turk have kindlyreviewed sections throughout the book and have provided clarifying and helpful feedbackon most topics.

xxvi ACKNOWLEDGMENTS

A big thank you goes to Stefano Anchini and the Juniper Networks EMEA CFTS team fortheir support in the use of their lab facilities out-of-hours.

Alistair Smith from Sunrise Setting Ltd has been our default gateway for all LATEX-relatedquestions and has definitely helped us in improving the quality of this book. Sarah Tilleyfrom John Wiley & Sons Ltd has been our Project Editor and has kindly supported us withour frequent requests.

Both authors also wish to warmly thank their colleagues from Juniper Networks Pro-fessional Services and the Spanish account teams, and their customers, mainly TelefónicaEspaña and Telefónica International Wholesale Services, for the lessons learned, for thehard and not-so-hard times, and for the shared experiences. Many thanks for the continuouschallenges and for offering us the possibility to learn something new every day.

Finally, we wish personally to express our thanks to some of our well wishers:Gonzalo – First and most important, I would like to thank my wife, Marta, for her endless

patience and support while writing this book. Without her understanding and encouragement,this project would simply not have been possible. Second, many thanks to my son, family,and friends for their loving support, especially during this time. I would also want to extendmy heartfelt thanks to my previous employers, particularly my former colleagues at Cable &Wireless, because some of the tidbits included in this book are also due to them. Last but notleast, Anton has been the perfect complement in this project. His critical and knowledgeableview, his capacity of abstraction, and his vast experience have been key factors in thedevelopment of contents and scenarios.

Anton - I am grateful for the unconditional support of my wife, Rosa Maria, throughoutthe writing process, and for her understanding during this challenging and sometimes difficulttime. She keeps me smiling. My family provided the necessary distractions that such atechnical project requires to help me maintain a perspective on the real world. I would likeespecially to thank Gonzalo for encouraging me to pursue his idea of routing case studies andfor giving me the opportunity to participate, and for keeping the project together all along.

Acronyms

ABR area border routerAFI address family identifierAS autonomous systemASN autonomous system numberASBR autonomous system border routerBCD Binary Coded DecimalBDR Backup Designated RouterBFD Bidirectional Forwarding DetectionBGP Border Gateway ProtocolBoS Bottom of StackCBGP confederated Border Gateway ProtocolCE Customer Edge (router)CLNP Connectionless Network ProtocolCsC Carrier Supporting CarrierDCU Destination Class UsageDIS designated intermediate systemDR Designated RouterDUAL Diffuse Update AlgorithmEBGP exterior Border Gateway ProtocolECMP equal-cost multipathEGP Exterior Gateway ProtocolEIGRP Enhanced Interior Gateway Routing ProtocolEL-BGP external Labeled BGP, see L-EBGPFA-LSP Forwarding Adjacency LSPFEC Forwarding Equivalence ClassFIB Forwarding Information Base (forwarding table)GMPLS Generalized Multiprotocol Label SwitchingGRE Generic Routing EncapsulationIANA Internet Assigned Numbers AuthorityIBGP interior Border Gateway ProtocolIETF Internet Engineering Task ForceIGP Interior Gateway ProtocolIGRP Interior Gateway Routing ProtocolIL-BGP internal Labeled BGP, see L-IBGPIS–IS Intermediate System to Intermediate System routing protocol

xxviii ACRONYMS

ISO International Standards OrganizationL2VPN Layer 2 Virtual Private NetworkL3VPN Layer 3 Virtual Private NetworkL-BGP Labeled BGPL-EBGP Labeled exterior Border Gateway ProtocolL-IBGP Labeled interior Border Gateway ProtocolLDP Label Distribution ProtocolLSDB Link-State DatabaseLSA Link-State advertisementLSI Label-Switched InterfaceLSP label-switched pathLSP Link-State packet or Link-State PDULSR label-switched routerMP-BGP MultiProtocol Border Gateway ProtocolMPLS Multiprotocol Label SwitchingMRAI Minimum Route Advertisement IntervalMTR Multi-Topology RoutingMTU Maximum Transmission UnitNLRI Network layer Reachability InformationNET Network Entity TitleNOC Network Operating CenterNTP Network Time ProtocolORF outbound Route FilteringOSPF Open Shortest Path First routing protocolPDU Protocol Data UnitPE Provider Edge (router)PHP Penultimate Hop PoppingPIM Protocol-Independent MulticastRD Route DistinguisherRFC Request for CommentsRIB Routing Information Base (routing table)RIP Routing Information ProtocolRP Rendezvous PointRPF Reverse Path ForwardingRPM Remote Performance MeasurementRR Route ReflectorRR Routing RegistryRRO Route Record ObjectRSVP Resource Reservation ProtocolSAFI subsequent address family identifierSLA service-level agreementSNMP Simple Network Management ProtocolSPF Shortest Path FirstSRLG Shared-Risk Link GroupTE Traffic EngineeringTED Traffic-Engineering Database

network mergers and migrations€¦ · network mergers and migrations: junos design and...

Documents