Saturday, December 27, 2008

Hierarchical Provider Edge In Cisco

HoPE is hierarchical provider edge which is being offered by Huawei. From one of the blog I find the word and one the guy was asking whether cisco is providing the same or not. Given below is the explanation & working of HoPE. But one cannot say that cisco is not providing the HoPE that is some different concept in cisco how you can have the service.
The equipment directly connected with the user is called UPE (Underlayer PE, or User-end PE), while that connected with UPE and located in the network is SPE (Superstratum PE, or Service Provider-end PE).
The HoPE is the same as the traditional PE when viewed from the outside, so it can exist together with other PE's in the same MPLS network.
The HoPE network enables the MPLS VPN network to expand unrestrictedly via the hierarchical PE nesting and supports any levels of the MPLS VPN network. For example, the original network can be divided into two levels: the SPE and the UPE. As the services develop, it can have three levels: an SPE, an MPE (middle PE) and a UPE. PE's at all levels can connect users.
The UPE is used for user access. It only maintains the VPN Site routes directly connected instead of the need to maintain other remote Site routes. The SPE is used for VPN route maintenance and flooding. It needs to maintain all the routes of the VPN connected to its subordinate UPEs, including routes of the local and remote Sites.
The role division of SPE and UPE embodies the characteristics of PEs at different levels: The SPEs have routing tables of large capacities and powerful forwarding capabilities, but few interface resources; while the UPEs have low routing and forwarding capabilities, but their quantity is big, they have powerful access capabilities and can be connected nearby. HoPE fully utilizes the performance capability of SPE and the access capability of UPE.
Please note that UPE and SPE are two relative concepts. In the architecture of multiple PE levels, to the lower level, the upper level is SPE, while to the upper level, the lower level is UPE.
Protocols running between SPE and UPE include MP-BGP, MP-IBGP and MP-EBGP, whose application depends on whether the SPE and the UPE are in the same AS.
When they are in the same AS, the MP-IBGP protocol is adopted. The SPE serves as the route reflector for multiple UPE's but may not do so for other PE's. To reject routes that are from other PE's and do not belong to the site connected with the PE at this level, the SPE shall create a global Import route-target list based on the Import route-target lists of all VRF's of all the UPE's to filter out the routes from other PE's. The global list can be dynamically created based on the information exchanged between the SPE and UPE, or be statically configured.
When the SPE and UPE do not belong to the same AS, the MP-EBGP protocol is adopted. Similarly, the SPE needs to create a global import route-target list. Generally, the UPE shall use the private autonomous system number. When distributing routes out to other PE's, the SPE omits that number.
The VRF default route distributed by the SPE to the UPE can be dynamically generated or statically configured. The dynamic VRF default route should be generated by the VRF corresponding to all the sites connected to the HoPE and be distributed to all UPE's. When distributing the route, the ORF (Outbound Route Filter) can be used for filtering.
For the dynamic global list generation, the UPE sends an ORF message via the Route Refresh message of BGP to the SPE. The ORF message contains an extended community list, whose contents are the combination of the import route-target lists of all the VRFs on the UPE. The SPE merges all the UPE extended community lists to form a global list. The generation rule of static list is the same as that of a dynamic list.
Like in HoPE a SPE is deployed centrally and all the small or low end routers deployed at customer premises. The entire routing table corresponding to the vrfs installed in SPE. In Cisco this can be achieved by using the two interfaces looped with each other. You can deploy a 7600 or 7200 at central place and make two interfaces loop to each other. One physical interface will be part of routing domain. Now at the remote end deploy a 1800 or even any low end router. Terminate your client link on router and originate a xconnect and drop it to the one of the looped interface. Now on another loopinterface create the vrf interface. This all be done by creating the sub interfaces on loped interfaces. By doing this you can achieve the HoPE in cisco also & save your lot of cost.

shivlu jain

Anonymous said...

Hi Shivlu,

This is a very informative blog for a working professional in the domain of IP/MPLS.

Thanks a lot for all that I have learnt here.


Shivlu Jain said...


Fly said...

i confused about HoPE,we use different RT control vpn route distribution in same VPN, if we summary into one route. how can i distinct different VPN, or each UPE will create one VRF route space on SPE.
thank you!
Fly Jun Li

Shivlu Jain said...

This is only from UPE to PE. From PE it will get the routes from vrf only.

