ISP Base Lab Design

This ISP design provides a base for further development of MPLS VPN technologies and serves as an example of best practices for an MPLS ISP VPN network. The rest of this document concentrates on the basic design principles covered in the sections listed below:

  • High-Level Design
  • Physical Design
  • Logical Design
  • MPLS Design

Each section gives a brief overview of a small service provider lab that uses CSR1000v and C7200 routers and generic switches to build the topology.

High-Level Design

The lab uses four ISPs, each with a dedicated BGP Autonomous System Number (ASN) chosen to make the ISPs easy to tell apart. The ISPs allow customers to use globally routable Provider Independent (PI) and Provider Aggregatable (PA) prefixes. The ISPs and their ASNs are listed below:

  • ISP 1 = AS 100
  • ISP 2 = AS 200
  • ISP 3 = AS 300
  • ISP 4 = AS 400

eBGP Peering

The lab is designed around four service providers interconnected using BGP. Figure 1 shows the eBGP peering between the ISPs.

Figure 1

OSPF

To provide full reachability between loopbacks in the underlay, all ISPs use OSPF to distribute network information. In a real-life implementation, IS-IS would be the chosen option, as it is more flexible and doesn’t refresh the full table every 30 minutes, which avoids bandwidth bursts.

Since the ISP domains consist of only a few devices, there is no need for additional areas other than the backbone area 0, as shown in Figure 2.

Figure 2

To keep the routing tables small, OSPF uses the prefix suppression feature, which stops transit links from being propagated. OSPF then carries only the Loopback 0 IP addresses, which are used for MPLS and BGP peering.

iBGP peering

A BGP-free core is used so that prefixes can be distributed throughout the ISP network without core devices having to hold the routes. As shown in Figure 3, ISP1 site 1 uses only Border and Access nodes, whereas site 2 and ISP2 also use Aggregation nodes.

In addition, the nodes listed below also act as Route Reflectors (RR):

  • ISP1_ASBR1
  • ISP1_P2
  • ISP2_ASBR1
  • ISP2_P1

Figure 3

Physical Design

This section covers the device inventory and port allocations, followed by the physical design diagram. The devices in the lab were carefully chosen for their capabilities, leaving room for more advanced configurations in the future.

Inventory

| Device name | OS                                |
|-------------|-----------------------------------|
| ISP1_ASBR1  | csr1000v-universalk9.17.03.03     |
| ISP1_ASBR2  | csr1000v-universalk9.17.03.03     |
| ISP1_P1     | 7200-adventerprisek9-mz.124-24.T5 |
| ISP1_P2     | csr1000v-universalk9.17.03.03     |
| ISP1_PE1    | csr1000v-universalk9.17.03.03     |
| ISP1_PE2    | csr1000v-universalk9.17.03.03     |
| ISP1_PE3    | csr1000v-universalk9.17.03.03     |
| ISP2_ASBR1  | csr1000v-universalk9.17.03.03     |
| ISP2_ASBR2  | csr1000v-universalk9.17.03.03     |
| ISP2_P1     | csr1000v-universalk9.17.03.03     |
| ISP2_PE1    | csr1000v-universalk9.17.03.03     |
| ISP3        | 7200-adventerprisek9-mz.124-24.T5 |
| ISP4        | 7200-adventerprisek9-mz.124-24.T5 |
| CE1         | 7200-adventerprisek9-mz.124-24.T5 |
| CE3         | 7200-adventerprisek9-mz.124-24.T5 |
| CE4         | 7200-adventerprisek9-mz.124-24.T5 |

Port Allocation

The table below shows port allocations of the devices along with their adjacent devices.

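| Device name | Interface | Adjacent device |
|-------------|-----------|-----------------|
| ISP1_ASBR1  | G1        | ISP1_P1         |
| ISP1_ASBR1  | G2        | IXP Switch1     |
| ISP1_ASBR2  | G1        | ISP1_P2         |
| ISP1_ASBR2  | G2        | IXP Switch2     |
| ISP1_P1     | F0/0      | ISP1_ASBR1      |
| ISP1_P1     | F0/1      | ISP1_PE1        |
| ISP1_P2     | G1        | ISP1_ASBR2      |
| ISP1_P2     | G2        | ISP1_PE2        |
| ISP1_P2     | G3        | ISP1_PE3        |
| ISP1_PE1    | G1        | ISP1_P1         |
| ISP1_PE1    | G2        | LAN             |
| ISP1_PE2    | G1        | ISP1_P2         |
| ISP1_PE2    | G2        | LAN             |
| ISP1_PE3    | G1        | ISP1_P2         |
| ISP1_PE3    | G2        | LAN             |
| ISP2_ASBR1  | G1        | ISP2_P1         |
| ISP2_ASBR1  | G2        | IXP Switch1     |
| ISP2_ASBR2  | G1        | ISP2_P1         |
| ISP2_ASBR2  | G2        | IXP Switch2     |
| ISP2_P1     | G1        | ISP2_ASBR1      |
| ISP2_P1     | G2        | ISP2_ASBR2      |
| ISP2_P1     | G3        | ISP2_PE1        |
| ISP2_PE1    | G1        | ISP2_P1         |
| ISP2_PE1    | G2        | LAN             |
| ISP3        | F0/0      | IXP Switch1     |
| ISP3        | F0/1      | ISP4            |
| ISP4        | F0/0      | IXP Switch2     |
| ISP4        | F0/1      | ISP3            |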

Figure 4 represents a physical topology of the lab, showing the device OS used along with physical connections between devices.

Figure 4

Logical Design

Each provider has been assigned prefix pools that define its public address space. These are then subdivided to provide customer access and pools of public IP addresses for customers.

The logical design also includes three Internet exchange points (IXPs), each with a dedicated subnet used to create eBGP peering and exchange routes, as shown in Figure 5.

Figure 5

The list of loopback addresses is shown in the table below. Those will be used for iBGP peering, OSPF, and MPLS router IDs.

Loopback IP

| Device name | Loopback IP   |
|-------------|---------------|
| ISP1_PE1    | 10.1.0.101/32 |
| ISP1_P1     | 10.1.0.11/32  |
| ISP1_ASBR1  | 10.1.0.1/32   |
| ISP1_PE2    | 10.2.0.102/32 |
| ISP1_PE3    | 10.2.0.103/32 |
| ISP1_P2     | 10.2.0.12/32  |
| ISP1_ASBR2  | 10.2.0.2/32   |
| ISP2_PE1    | 10.0.0.11/32  |
| ISP2_P1     | 10.0.0.101/32 |
| ISP2_ASBR1  | 10.0.0.1/32   |
| ISP2_ASBR2  | 10.0.0.2/32   |

Figure 6 shows the logical diagram of the lab topology. It defines the subnets used between devices and their loopbacks. It also shows how the pool ranges are distributed to customer edge devices.

Figure 6

PPPoE

To provide user access we chose Point-to-Point Protocol over Ethernet (PPPoE). Unlike standard IP over Ethernet, it doesn’t require dedicated subnets to provide customer segmentation. Instead, it creates point-to-point links between customers and provider edge devices, which forces intra-customer traffic through the PE. This solution has been applied to all PE devices for CE1, CE3 and CE4.

MPLS Design

By default, LDP assigns labels from the full range, making it hard to distinguish devices on a hop-by-hop basis. Therefore, purely for aesthetic reasons, we define the mpls label range on each device so that it assigns labels only within the given range. Other uses of the label range are out of scope. In addition, LDP sessions use the Loopback 0 IP address as the Router-ID, which was manually predefined using the command mpls ldp router-id loopback 0.

| Device      | MPLS Label range |
|-------------|------------------|
| ISP1_PE1    | 10100-101999     |
| ISP1_P1     | 11000-11999      |
| ISP1_ASBR1  | 1000-1999        |
| ISP1_PE2    | 102000-102999    |
| ISP1_PE3    | 103000-103999    |
| ISP1_P2     | 12000-12999      |
| ISP1_ASBR2  | 2000-2999        |
| ISP2_PE1    | 10100-101999     |
| ISP2_P1     | 11000-11999      |
| ISP2_ASBR1  | 1000-1999        |
| ISP2_ASBR2  | 2000-2999        |

Another option is to enable MPLS automatically on all interfaces included in the IGP process. Currently, the autoconfiguration feature is supported only by OSPF and IS-IS, and it can be enabled using the mpls ldp autoconfig command under the IGP process. All label ranges are shown in Figure 7.

Figure 7
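
The per-device label ranges only help with hop-by-hop identification if a label maps back to a single device. The Python check below is an added example, not part of the original lab configuration: it takes the ranges exactly as printed in the table above, reports invalid or overlapping ranges per ISP (labels are locally significant, so ISP1 and ISP2 are checked separately), and maps labels seen along an LSP back to their candidate devices. The function names and the sample labels are constructed for illustration.

```python
# Ranges copied as printed from the MPLS label range table on this page.
LABEL_PLAN = {
    "ISP1": {"ISP1_PE1": (10100, 101999), "ISP1_P1": (11000, 11999),
             "ISP1_ASBR1": (1000, 1999), "ISP1_PE2": (102000, 102999),
             "ISP1_PE3": (103000, 103999), "ISP1_P2": (12000, 12999),
             "ISP1_ASBR2": (2000, 2999)},
    "ISP2": {"ISP2_PE1": (10100, 101999), "ISP2_P1": (11000, 11999),
             "ISP2_ASBR1": (1000, 1999), "ISP2_ASBR2": (2000, 2999)},
}
RESERVED_MAX = 15       # labels 0-15 are reserved (RFC 3032)
LABEL_MAX = 2**20 - 1   # the MPLS label field is 20 bits wide


def plan_problems(isp):
    """Return invalid or overlapping ranges within one ISP's label plan."""
    findings = []
    ranges = sorted(LABEL_PLAN[isp].items(), key=lambda item: item[1])
    for i, (dev_a, (lo_a, hi_a)) in enumerate(ranges):
        if not RESERVED_MAX < lo_a <= hi_a <= LABEL_MAX:
            findings.append(f"{dev_a}: {lo_a}-{hi_a} is not a usable range")
        # Sorted by start, so a later range overlaps iff it starts before hi_a.
        for dev_b, (lo_b, hi_b) in ranges[i + 1:]:
            if lo_b <= hi_a:
                findings.append(
                    f"{dev_a} {lo_a}-{hi_a} overlaps {dev_b} {lo_b}-{hi_b}")
    return findings


def owners(isp, label):
    """Devices of one ISP whose configured range contains the label."""
    if label <= RESERVED_MAX:
        return []
    return [dev for dev, (lo, hi) in LABEL_PLAN[isp].items() if lo <= label <= hi]


def annotate_path(isp, labels):
    """Map each label seen along an LSP to its candidate devices."""
    return [(lbl, owners(isp, lbl) or ["reserved/unassigned"]) for lbl in labels]


if __name__ == "__main__":
    for isp in LABEL_PLAN:
        print(isp, plan_problems(isp) or "ranges are disjoint")
    # Constructed sample: labels as they might appear in one ISP1 LSP trace.
    for label, devices in annotate_path("ISP1", [103017, 12004, 3]):
        print(label, "->", ", ".join(devices))
```

With the table as printed, the 10100-101999 range of ISP1_PE1 and ISP2_PE1 also spans the P-router ranges, so a label such as 11500 resolves to two devices; a label inside a disjoint range resolves to exactly one.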