mirror of
https://git.dn42.dev/wiki/wiki.git
synced 2024-11-23 07:43:29 +01:00
38 lines
1.6 KiB
Markdown
38 lines
1.6 KiB
Markdown
mpls label switching is faster because it's a divide and conquer search in an ordered list, compared to routing, which is a longest prefix match, which is a search in a netmask deep tree
|
|
|
|
and doing just label switching, especially with multiple labels, have consequences like
|
|
|
|
you can provide vpns, be that layer2 or layer3 on the same infra, we can source-route through arbitrary paths we want, and so on....
|
|
|
|
you can control visibility / reachability by route target export / imports, so you can hide various routes from specific endpoints, then they'll become unreachable just for them, basically rendering packet filtering unnecesary
|
|
|
|
hiding service addresses (ip / mac) from the infra resulting in less resource needs: in the simplest mpls, you dont need bgp route table only where the packet enters the network
|
|
|
|
you can hide your core from traceroute by disabling ip ttl propagation
|
|
|
|
|
|
hints:
|
|
|
|
as being layer2.5 technology, you'll need a tunnel which carry ethettype, like gre
|
|
|
|
inside the core you can do ldp, rsvp-te (strategic or auto-tunnel) or segment-routing
|
|
|
|
between two ases, you can enable ipv4/ipv6 labeled-unicast address family
|
|
|
|
to do inter-as-mpls-vpn on top of it, you can enable rr-to-rr, asbr-to-asbr or rr-to-asbr vpnv4/vpnv6/vpls/evpn peerings
|
|
|
|
|
|
more info at http://mpls.dn42/ or at http://mp.ls/
|
|
|
|
participating networks:
|
|
|
|
nop-mnt
|
|
|
|
C4TG1RL5-MNT -
|
|
[frr configuration](https://git.lemonsh.moe/C4TG1RL5/dn42/src/branch/master/lab.rtr.famfo.catgirls.dn42/frr)
|
|
_Please make sure you understand how to configure and use frr before you use anything from this configuration!_
|
|
|
|
planned:
|
|
|
|
Fortless
|