1. Home
  2. Networking
  3. MPLS and VPN Architectures

PE-router Provisioning and Scaling

When provisioning an MPLS/VPN solution, one of the major concerns is how to scale the PE-router configuration and what limits should be drawn so that the configuration can scale. This is certainly not a trivial exercise, and numerous factors will affect this scaling, some of which we will cover during this section. There are no "magic" numbers relevant to each and every design, and the limitations that will be used very much depend on the actual deployment and design requirements.

As with all new technologies, deployment experience is generally sketchy (at best). Therefore, only limited information is available for any design decisions. An amount of theoretical data must be used. This does not mean that a successful deployment of the architecture cannot take place, although a certain amount of tuning may need to occur during the deployment phases of the design so that an optimal production environment is produced.

The first implication of the MPLS/VPN architecture to understand is that each of the PE-routers does not need to carry every route that belongs to the customers of the VPN service. This means that, potentially, the amount of memory required to hold BGP routes may be reduced. However, the information within the BGP routes is increased to include such things as extended attributes, which must be held in memory.

Multiple VRFs may be used within the PE configuration. There is no hard limit on the number of VRFs that can be configured on a PE-router?this is bounded by the number of interfaces. A certain number of data structures is required for each VRF, but this does not cause a significant amount of memory increase. Each VRF can hold as many routes as it needs. The only limit on this, as with standard BGP routing, is the amount of available memory on the PE-router. This is the real limit on PE scaling, and exactly how many routes can be held in a router will depend on such things as the number of BGP neighbors that advertise the routes and the amount of memory required to store the attributes contained within the paths of the routes.

Note

To place an upper limit on the memory usage incurred by each VRF, you can use the maximum routes command in the VRF definition to limit the total number of routes that can reside in a VRF. You also can use neighbor maximum-prefix command to limit the number of routes received from a CE-router running BGP with the PE-router.


When provisioning for PE-to-CE connectivity, it is important to bear in mind that the current IOS implementation provides a maximum of 32 protocol descriptor blocks (PDBs) per PE-router. One PDB is used per protocol instance, including static and connected. Therefore, careful design is required when provisioning the PE-router so that no more than 32 protocol instances are planned for.

If BGP is used between PE- and CE-routers, then only one BGP process is required and only 1 PDB is used. Even if you use BGP in several VRFs, they are considered as different routing contexts that run within the same BGP process. The situation is similar with RIP if multiple routing contexts within the RIP process are configured. However, if OSPF is used for PE-CE connectivity, separate OSPF processes are required (one per VRF), and one PDB is used per VRF where you run an OSPF process.

For example, consider a PE-router in which you have to run BGP with some sites, OSPF with the majority of the sites, RIP with a few sites, and static routing toward the rest of the sites. If all the sites for each routing protocol instance were contained within the same VRF, then only six PDBs would be necessary (one for BGP, one for OSPF, one for RIP, one for static routing, one for connected routing, and one for the service provider backbone IGP). However, if each site belonged to a different VRF, then the number of PDBs would increase.



    		MPLS and VPN Architectures
    		About the Authors
    		About the Technical Reviewers
    		Acknowledgments
    		Part I: MPLS Technology and Configuration
    		Part 2: MPLS-based Virtual Private Networks
    		Chapter 7. Virtual Private Network (VPN) Implementation Options
    		Chapter 8. MPLS/VPN Architecture Overview
    		Chapter 9. MPLS/VPN Architecture Operation
    		Chapter 10. Provider Edge (PE) to Customer Edge (CE) Connectivity Options
    		Chapter 11. Advanced MPLS/VPN Topologies
    		Chapter 12. Advanced MPLS/VPN Topics
    		MPLS/VPN: Scaling the Solution
    		Routing Convergence Within an MPLS-enabled VPN Network
    		Advertisement of Routes Across the Backbone
    		Introduction of Route Reflector Hierarchy
    		BGP Confederations Deployment
    		PE-router Provisioning and Scaling
    		Additional Connectivity Requirements?Internet Access
    		Internet Connectivity Through Firewalls
    		Internet Access?Static Default Routing
    		Separate BGP Session Between PE- and CE-routers
    		Internet Connectivity Through Dynamic Default Routing
    		Additional Lookup in the Global Routing Table
    		Internet Connectivity Through a Different Service Provider
    		Summary
    		Chapter 13. Guidelines for the Deployment of MPLS/VPN
    		Chapter 14. Carrier's Carrier and Inter-provider VPN Solutions
    		Chapter 15. IP Tunneling to MPLS/VPN Migration Case Study
    		Appendix A. Tag-switching and MPLS Command Reference