GIBNv2 : Routing Architecture and Pilot phase

presentation

Jun 2009

I&BNF/ENDD/CNP Internet & Peering – Juan Vadillo

11
Agenda

> Current GIBN architecture & limitations

> GIBNv2 Target architecture
> GIBNv2 Status and deployment steps
> GIBNv2 phase 1 traffic flows
> GIBNv2 General concepts
> GIBNv2 Pilot in Caracas
> Next steps

GIBNv2 : Pilot test in Caracs 2

Current GIBN architecture & limitations
> GIBN Overview
- GIBN = dedicated Internet network with 9 regional ASes (5 in Europe, 2 in America, 2 in
AsiaPac)
- 90 PoPs in 70 cities in 42 countries interconnected using mainly AGN (AToM implemented on
a few paths)
- Supports Internet Direct service (~1500 connections) but also other services relying on Internet
complementing IGN portfolio (NBIG, SIA, BEW…)
- Network mainly built on ~150 CS75xx and a few (~15) GSR platforms
- Total traffic (2/3 Transit, 1/3 Peering) : ~3Gbps (7% for DSL SIA) with ~30% growth/year
- 20 Global Transit connections (for full Internet connectivity) and 34 peering connections (for
domestic/regional connectivity)

> Project drivers : GIBN challenges and issues

- GIBN platforms EoL: end of Cisco SW/HW maintenance on 75xx platforms since end08:
- Control plane scalability issues on CS75XX (memory)
• Workaround by upgrading head routers in each AS and removing FRT from IAR
- Switching / bandwith / service limitations on current infrastructure
• 75xx does not sacle above OC3 (few GSR deployed as workaround)
• GE access not supported
• Impossible to native IPv6 project requested by NSBU

 Need to develop an alternate solution for supporting Internet Direct & other services (SIA,
NBIG, BEW…) relying on GIBN today
GIBNv2 : Pilot test in Caracs 3
GIBN Architecture Evolution : Internet support on IGN
> Possible solutions considered :
- Keep dedicated Internet network : discarded due to massive investment required to replace
current CS75xx)
- Use of OTI network limited due to OTI network coverage (29 cities in 11 countries ) and
inappropriate high-end platforms to support low-speed GIBN connections

 Solution retained is to rely on IGN to provide access / aggregation layer for Internet
services leveraging current infrastructure

> Solutions benefits :

- Architecture required to support native Internet IPv6 service
- Internet services will take advantage of IGN infrastructure and design :
• Extended coverage (164+ PoPs compared to current 90 on GIBN)
• Higher backbone capacity
• Availability of GE at the access
• Technology refresh (IGNv2)
- Optimization of infrastructure and operation costs through network consolidation
- New architecture will facilitate future service evolution (i.e. xDSL access to Internet)

GIBNv2 : Pilot test in Caracs 4

GIBNv2 : Architecture Principles

> IGN will be turned into Multiservice network (supporting Internet + IPVPN)
> Internet gateways:
- Will support the Peering and Transit connections
- Will provide Internet access to the shared IGN Internet VRF through the PE-ASBR
- Will be deployed outside IGN AS (seen as a CE from IGN) using current GIBN ASes
> Access PE :
- Creation of a new VRF “internet_shared VRF” on all IGN PEs that will be supporting internet customers
(solution compliant with security constraints thanks to VRF isolation / no Internet in GRT)
- Customers requiring Internet Direct will be meshed to the shared “internet_shared VRF”
> PE-ASBR:
- Will support interconnection with Internet gateways
- Internet gateway meshed in a specific VRF ‘internet_gibn_gateway VRF’ on these PE-ASBR
- May also support access PE function
> Introduction of a new C3 class in the IGN backbone CoS model for Internet traffic
- Solution already implemented on RAEI
- Internet traffic with IP Precedence 0 mapped into C3 class

GIBNv2 : Pilot test in Caracs 5

 GIBNv2 : Architecture Overview
Opentransit / Alternate ISP

GIBN AS
Internet GW Internet GW Regional
Regional
Peering iBGP Peering

PE-ASBR PE-ASBR

PE-ASBR
Internet GW Local
Peering
Access PE PE-ASR/
Access PE
CPE (Static)
CPE (BGP)
IGN
CPE (Static)

GIBNv2 : Pilot test in Caracs 6

Access PE and PE-ASBR
> Access PE :
- Solution to be supported on both PE ESR10k and CS76xx
- Shared customer Internet VRF to be implemented on all eligible access PE
> PE-ASBR
- Solution to be released on both PE ESR10k and CS76xx
- Use of (future) PE HoC (CS76xx) recommended wherever possible (Core PoP)
- PE ASBR - Internet gateway connectivity
• FE/GE preferred option for collocated Transit/Peering Internet gateways
• OC3 (POS/ATM), DS3 (ATM/Serial), E1/T1 Serial required for step 1 (interco with collocated
GIBN router) and for remote peering gateways (in step 2)

GIBNv2 : Pilot test in Caracs 7

Project Phases / Deployment steps
> Phase 1 (priority) : Freeze GIBN growth
- Start connecting Internet customer on IGN MS-PE using current infrastructure
- Use of current GIBN platform as Internet gateway
- Interconnection of GIBN to PE-ASBR as pre-requisite
- GIBN current meshing to be kept for existing customers
 Solution expected to be available beg Q2 09 for major sites

GIBNv2 : Pilot test in Caracs 8

Project Phases / Deployment steps
> Phase 2 : Implementation of target topology
- CS76xx as Internet gateways to replace GIBN obsolete platforms
•Move Transit/peering connections onto these new platforms
• Keep interconnection with GIBN for remaining customers during migration
• Interconnect Internet gateways using AToM wherever necessary
 Deployment expected to be started Q3 09

- Migration of Internet customer from GIBN IAR to IGN MS-PE

• Currently ~1800 Internet CPE on ~630 access ports
• 80% Indirect access (FR/ATM) / 20% Direct access
• Customer Migration approach (one-to-one or port consolidation) to be decided
 Migration targeted to be started beg Q3 09 to take benefit of AOM resources to be freed
after IGNv2 migration

- Dismantlement of GIBN
•Migration of non-customer connections (IDAR/LAN Server…)
 Target is to phase-out GIBN by mid/end 2010

GIBNv2 : Pilot test in Caracs 9

GIBNv2 Routing Architecture Phase 1

> The rest of this presentation will be dedicated to:

- The routing architecture of phase 1
- The proposed implementation for the Pilot phase in Caracas

GIBNv2 : Pilot test in Caracs 10

GIBNv2 phase 1: Traffic flows

> During the phase 1 we will have customers connected to both GIBN and
IGN infrastructure
> Traffic flow for customers connected to GIBN and other GIBN
customers, peering partners and transit providers will remain unchanged
> Traffic between a customer connected to IGN and a customer connected
to GIBN will go through the IGW-PE-ASBR interco

GIBNv2 : Pilot test in Caracs 11

 Traffic flows: Internet IGN cust to Internet IGN cust
> Traffic will be transported over IGN

Country A
Internet cust
on IGN

IGW
Country C Access Country B
PE
internet_sha
red VRF

internet_sha internet_gib
Internet cust Access red VRF n_gateway PE-ASBR
on IGN PE IGN VRF

internet_sha
red VRF Internet cust
Access on IGN
PE

GIBN GIBN
Region 2 Region 1

GIBNv2 : Pilot test in Caracs 12

 Traffic flows: Internet IGN cust to Internet IGN cust
> By default we will not advertise the GIBN customer routes into IGN, instead the default behavior for and IGN customer to reach a GIBN customer
will be to follow the default route advertised by the closest IGW with a Global Transit connection and then use GIBN to reach the final destination.
> This approach will simplify routing and will not result on an unacceptable RTD increases for most of the cases

GIBN Cust
Country A

Country C
IGW
IGW
IAR

IAR
IGW Country B
GIBN Cust PE-ASBR
PE-ASBR internet_gib
n_gateway
internet_gib VRF
n_gateway internet_gib
VRF n_gateway PE-ASBR
IGN VRF

internet_sha
red VRF
Access Internet cust
PE on IGN

GIBN GIBN
Region 2 Region 1

GIBNv2 : Pilot test in Caracs 13

 Traffic flows: IGN customer to GIBN customer on the same
country and with no transit/peering IGW
> In the final GIBNv2 architecture, we will not deploy an IGW on countries with no transit/peering connection, however during phase 1 we
will need to implement GIBN-IGN interconnections in some of this countries, to ensure the IGN customer to GIBN customer traffic for two
customers on the same country will not have an unacceptable RTD increase by having to go to the closest IGW advertising the default route.

Global Transit

Default behavior Country A

(RTD increase is
not acceptable) IGW
IGW

PE-ASBR PE-ASBR
internet_gib internet_gib
n_gateway n_gateway
VRF VRF

IGN internet_sha
red VRF
internet_gib
n_gateway
Internet cust
VRF PE-ASBR on IGN
+Access PE

IAR/ICR
We will keep
domestic traffic from GIBN
Country B
going to Global
transit IGW
GIBNv2 : Pilot test in Caracs 14
GIBN Cust
 Traffic flows: IGN customer to GIBN customer between countries
with or without transit/peering where RTD will be impacted if
routing using default route
> In cases following the default route for IGN customer to GIBN customer traffic between two countries will lead to an unacceptable
RTD increase, on this cases we will make an exception and allow the advertisement of GIBN routes for this country into IGN,
limiting the propagation of this routes within IGN only to the countries that will otherwise suffer an unacceptable RTD increase.

Global Transit

Country A Default behavior (RTD

increase is not acceptable
IGW IGW in some cases)

PE-ASBR
PE-ASBR
internet_gib internet_gib
n_gateway n_gateway
VRF VRF

internet_gib internet_sha
n_gateway red VRF
Access PE
VRF
PE-ASBR
IGW
Internet cust
GIBN on IGN

Local Transit Country B

and/or
Peering IGN cust to GIBN cust will
GIBN Cust be transported via IGN
GIBNv2 : Pilot test in Caracs where default behavior will
Country C 15
increase RTD too much
 Traffic flows: IGN customer to Global transit
> Traffic will be transported over IGN to the closest IGW providing global transit.
Global Transit

Country A
IGW

PE-ASBR
internet_gib
n_gateway
VRF

internet_gib
n_gateway
IGW VRF
internet_sha
internet_sha
red VRF
PE-ASBR red VRF
Access PE
Access PE

Internet cust
GIBN on IGN
Country B

Internet cust
Country C on IGN

GIBNv2 : Pilot test in Caracs 16

 Traffic flows: IGN Customer to Local/Regional transit/peering

> Traffic will be transported over IGN to the PE-ASBR in the country hosting the
local/regional transit/peering connection.
Global Transit

Country A

IGW IGW

Country D PE-ASBR PE-ASBR

internet_gib internet_gib
n_gateway n_gateway
PE-ASBR VRF VRF
Regional Transit IGW +Access PE internet_gib
and/or n_gateway
VRF
Peering internet_sha IGN
red VRF
Access PE
PE-ASBR
internet_s
+Access PE
hared VRF
internet_gib
internet_sha
n_gateway
red VRF
VRF IGW
Internet cust
GIBN on IGN

Local Transit Country B

and/or
Peering
Internet cust
on IGN
GIBNv2 : Pilot test in Caracs Country C 17
GIBNv2 VRFs
> internet_shared VRF, will be used for customer access and will do the following:
- Import routes of GIBN connected customers (Limited to cases were routing with default route
will lead to an unacceptable RTD increase)
- Import routes of all IGN connected customer and IGN generated aggregates
- Import a Primary and backup default route
- Import Peering and/or Local transit routes (Optional, only used if the routes from the peering
and/or local transit are less that ~ 35K)
- Export the routes of all Internet customers connected to this PE
- Export the country aggregate (*)(Optional, only two PEs per country)

> internet_gibn_gateway VRF, Will be used by Internet Gateway (IGW) connection

and will do the following:
- Import the customer & aggregate routes for the countries) to be advertised to the
Transit/Peering connection(s) on the IGW
- Export the routes from the Transit/Peering connections of the IGW it connects to (Optional,
only used if number of routes is less than ~35K)
- Export the default route (Optional, only used for PE-ASBR supporting global transit
connection)
- Export the routes of GIBN connected customers (Limited to cases were routing with default
route will lead to an unacceptable RTD increase)

GIBNv2 : Pilot test in Caracs 18

VRF route import/export for GIBNv2 1/2
> On IGN, all internet routes will be tagged with a Route Target that will
indicate, 1)it is an Internet route, 2)the geographic origin of the route and
3)The type of route (PI, PA, RL, Peering, transit)
> The RT is set to the routes when they are exported from a VRF
> We use a two step approach for importing routes into a VRF:
- First we use the RT
- Second We further filter the routes using standard BGP communities

All Internet routes on IGN VRF Importing RT1 VRF permits only CT1 and CT3 (from
(As seen on IGN RR) and RT3 within the RT1 & RT3 routes, RT2 routes
are not considered)

RT1 RT1 RT1

CT 1 CT 1 CT 1
CT 4
CT 4 RT3 RT3
RT3
CT 3 CT 2 CT 3
CT 3
RT2 CT 2
CT 1 CT 3

This will be the routes

available on the VRF

GIBNv2 : Pilot test in Caracs 19

VRF route import/export for GIBNv2 2/2
> Importing routes into VRF
- First step: We will use RT (using the “route-target import command”); at
this level we will filter based on the region/type of route. This will help us limit
the number of routes that will need to be processed via the “import map” and also
help to make the route-maps simpler.
- Exception: To limit the number of import RT statements, We will group all
(global) customer & aggregates routes in to a couple of global RT the first will
include all the aggregates and the second will include all customer routes.
Remember that the routes also have the standard BGP communities, when needed
they will be used for more refined filtering via the import route-map.
- Second step: will use the standard BGP communities (via “import map”
command), import maps are applied only to the routes that were previously
imported due to the “route-target import” command. This will provide us a finer
granularity (i.e. we will be able to filter routes by country).
> Exporting routes out of VRF
- We will always use an “export map” in order to be able to tag the routes with the
appropriate RTs.

GIBNv2 : Pilot test in Caracs 20

Aggregate Generation
> On phase 1 aggregates will continue to be generated from GIBN and will not
be advertised to IGN, IGN connected customers will use the default route to
reach GIBN connected customers

> After all (or most) customers in a country have been migrated to IGN,
aggregates will also be migrated to IGN:
- Country aggregate and sub country aggregate will be generated from the
“internet_shared VRF”
- Regional and Global aggregates will be generated from the
“internet_gibn_gateway”

> The migration of aggregates to IGN will be analyzed by CNP on a country by

country basis depending on the status of the migration of customer
connections to IGN.

GIBNv2 : Pilot test in Caracs 21

RT scheme 1/2
> The RTs for internet will follow the standard IPVPN format:
- 10283:#VPN-id#XYZZ
> #VPN-id# The range 19960 to 19999 has been allocated for GIBNv2; it will
be subdivided as follows:
- 19960-19969 EMEA
- 19970-19979 Americas
- 19980-19985 APAC
- 19986-19997 Reserved for future use
- 19998-19999 Global
> X Will be set to “2” to indicate this is an any-to-any extranet VPN
> Y  Will be set to “1”, this value will be reserved for internet utilization
> ZZ-> Will be used to indicate the type of route, see table on next page

GIBNv2 : Pilot test in Caracs 22

 RT scheme 2/2
GIBN Region ASN VPN-ID Type of route (GIBN CT) Route-type RT suffix (ZZ)

NAM 2647 19970 Local Transit (1100) 11

SAM 6505 19971 Peering (2000) 20

BENELUX 5583 19960 PI (3000) 30

UK 4004 19961 Leaked networks (4099) 30

Central & Eastern Europe 10282 19962 PA (4200) 30

Nordics 2874 19963 Default route (7000) 70

Southern Europe 6853 19964 Global Aggregate (8000) 80

Asia 4862 19980 Regional Aggregate (8100) 80

Oceania 4805 19981 Country/POP aggregate (8200) 80

Global ---- 19999 Load Sharing aggregate (8300) 80

GIBNv2 : Pilot test in Caracs 23

BGP communities scheme
> On GIBNv2 we will keep the same community scheme currently used on
GIBN with few additions:
- <ASN>:9100 -> Will be added to all internet routes originated on IGN
- <ASN>:9200 -> Will be added to al internet routes originated on GIBN
- <ASN>:9300 -> Will be added to routes from Full Routing Table BGP customers
> See section 4.1 of the GIBNv2 Routing Architecture document for more
details.

GIBNv2 : Pilot test in Caracs 24

IGW <-> PE-ASBR addressing
> The 10.230.62.0/24 has been reserved for IGW<->PE-ASBR addressing
> This will permit up to 64 links, which should be enough for GIBNv2 needs
> NSE/GNVPC to record the subnets used from this IP block

GIBNv2 : Pilot test in Caracs 25

 GIBN architecture evolution
Pilot for GIBNv2 in Venezuela (Customer Digitel)

I&BNF/ENDD/CNP Internet & Peering

26
26
GIBNv2 Pilot : customer Digitel in VE
> Customer requirements : GE access with 100Mbps Internet in Caracas
(requiring major upgrade on GIBN)
> Solution proposed (under implementation)
- Customer to be connected on newly deployed BCCS810 (CS76xx)
- 2xGE Interconnections of PE-ASBR (ESR) with GIBN Head Routers in JAE & JAO for
Transit traffic
- FE Interconnection of PE-ASBR BCCS810 with GIBN IAR in CCS for local tfc
> Will allow better utilization of OC12 circuit on BCCS500 (Without the need of
deploying new AGN AToM links)
> Current status:
- Physical interconnection between BJAO411-BJAO518 (GE) completed
- Physical interconnection between BJAE411-BJAE518 (GE) completed
- Physical interconnection between BCCS305-BCCS810 (FE) completed
> The interconnection between BCCS305 and BCCS810 is needed to avoid traffic from a
CCS internet cust connected to GIBN going through Atlanta to reach a CCS internet
customer connected to IGN
> New customer access circuit is under deployment by local carrier

GIBNv2 : Pilot test in Caracs 27

GIBNv2 CCS Pilot : Physical topology
OAKBB1 FTLD ATLCR3
AS 5511

BJAE411 BJAO411

GE9/0 GE2/0

GE1/0/0 GE2/0/0

BJAO518
BJAO518

GE2/2/0
GIBN IGN
BCCS810 KCCS510

Digitel CE

FE8/1/0

BCCS403
FE1/0/0
BCCS423 BCCS305

Local interco needed to avoid local traffic

transiting via USA.

GIBNv2 : Pilot test in Caracs 28

 GIBNv2 CCS Pilot: Logical topology
BJAX518à BJAX411
IMPORT Rules
advertisements
RTs to be imported
-Deny GIBN originated routes
-SAM customer RT
BJAX411à BJAX518 advertisements -Advertise IGN cust PI, PA & RL
-SAM Aggregate RT
-Deny IGN originated routes Set CT=6505:9100 FTLD
OAKBB1 ATLCR3 Filtering via import route-map
-Advertise 0/0 -Advertise IGN originated
AS 5511 Aggr -Deny GIBN originated routes
Set CT=6505:9200 Set CT=6505:9100
-Permit IGN originated PI, PA, RL &
Incoming filtering on BJAX411 side Incoming filtering on BJAX518
Aggr routes from all SAM countries
-Deny GIBN originated routes side
EXPORT Rules
-Permit IGN originated PI, PA & RL with Inter-AS -Deny IGN originated routes
-Export 0/0
tag (<ASN>:80) -Permit Default route
tag with SAM default route RT
Set LP=80 & CT=6505:9100 Set LP=120 & CT=6505:9200 BJAO411
-Permit IGN originated PI, PA & RL with MCS IMPORT Rules
backup tag (<ASN>:110) RTs to be imported
BJAE411

eBGP
Set LP=110 & CT=6505:9100

eBGP
-SAM customer RT
-Permit IGN originated PI, PA & RL & Aggr with -SAM Aggregate RT
nominal LP (i.e no <ASN>:80/110)
Filtering via import route-map
Set LP=120 & CT=6505:9100 BJAE518 BJAO518
-Deny GIBN originated routes
internet_gib internet_gib -Permit IGN originated PI, PA, RL
IMPORT Rules
RTs to be imported
n_gateway GIBN n_gateway & Aggr routes from VE
-Global cust and aggregate RTs VRF VRF EXPORT Rules
-Export PI,PA & RL of VE GIBN
- SAM cust RT
connected cust
-The SAM default route RT IGN interne
tag with SAM cust RT
Filtering via import route-map internet t_gibn
-Deny GIBN originated PI, PA & RL (with the BCCS810à BCCS305 advertisements _share _gatew
exception VE GIBN cust routes) -Deny GIBN originated routes d VRF ay VRF BCCS305à BCCS810 advertisements
-Permit global IGN originated PI, PA & RL & -Advertise CCS IGN cust PI, PA & RL -Deny IGN originated routes
Aggr Set CT=6505:9100 -Advertise CCS GIBN cust PI, PA & RL
-Permit primary and backup 0/0 -Advertise CCS IGN originated Aggr BCCS810 Set CT=6505:9200

EXPORT Rules
-Export PI,PA & RL of cust connected to this
PE
tag with global & SAM cust route RTs
- Export the VE country Aggregates
tag with global & SAM Aggr route RTs
GIBNv2 : Pilot test in Caracs
eBGP
Set CT=6505:9100 Incoming filtering on BCCS305 side
Incoming filtering on BCCS810 side -Deny GIBN originated routes
-Deny IGN originated routes -Permit CCS IGN originated PI, PA & RL
-Permit CCS GIBN originated PI, PA & RL with with Inter-AS tag (<ASN>:80)
Inter-AS tag (<ASN>:80) BCCS305 Set LP=80 & CT=6505:9100
Set LP=80 & CT=6505:9200 -Permit CCS IGN originated PI, PA & RL
-Permit CCS GIBN originated PI, PA & RL with with MCS backup tag (<ASN>:110)
MCS backup tag (<ASN>:110) Set LP=110 & CT=6505:9100
Set LP=110 & CT=6505:9200 -Permit IGN originated PI, PA & RL &
-Permit CCS GIBN originated PI, PA & RL with Aggr with nominal LP (i.e no <ASN>:80/
nominal LP (i.e no <ASN>:80/110) 110)
Set LP=120 & CT=6505:9200 Set LP=120 & CT=6505:9100
29
GIBNv2 CCS Pilot: Traffic flows
OAKBB1 FTLD
NAM GIBN AS 5511 ATLCR3
Cust

IAR BJAE411 BJAO411

BJAE518
BJAO518

IGN

Digitel

BCCS810

GIBN GIBN
NAM NAM BCCS305

GIBNv2 : Pilot test in Caracs SAM GIBN 30

Cust
internet_gibn_gateway VRF (JAO and JAE)
> Setup for JAO and JAE will be identical, only JAO is shown below

Transit and/or
peering IMPORT Rules
RTs to be imported
-SAM customer RT
-SAM Aggregate RT
BJAO411 Filtering via import route-map
-Deny GIBN originated routes
BJAO518 -Permit IGN originated PI, PA, RL
EXPORT Rules & Aggr routes from all SAM
-Export 0/0 countries
internet_gib
tag with SAM default route RT
n_gateway
VRF

IGN
GIBN

GIBNv2 : Pilot test in Caracs 31

internet_gibn_gateway VRF (CCS)

IMPORT Rules
RTs to be imported
-SAM customer RT
-SAM Aggregate RT
BCCS305 Filtering via import route-map
-Deny GIBN originated routes
EXPORT Rules BCCS810 -Permit IGN originated PI, PA, RL
-Export PI,PA & RL of VE GIBN connected cust & Aggr routes from VE
tag with SAM cust RT internet_gib
n_gateway
VRF

IGN
GIBN

GIBNv2 : Pilot test in Caracs 32

internet_shared VRF (CCS)

Internet cust
on IGN
EXPORT Rules
-Export PI,PA & RL of cust connected
to this PE IMPORT Rules
tag with global & SAM cust route RTs RTs to be imported
- Export the VE country Aggregates -Global cust and aggregate RTs
tag with global & SAM Aggr route RTs - SAM cust RT
BCCS810
-The SAM default route RT
Filtering via import route-map
internet_sha -Deny GIBN originated PI, PA & RL (with the
red VRF exception VE GIBN cust routes)
-Permit global IGN originated PI, PA & RL &
Aggr
IGN -Permit primary and backup 0/0

GIBN

GIBNv2 : Pilot test in Caracs 33

BJAO518<->BJAO411 BGP session
> Setup for BJAE518<->BJAE411 will be identical, only JAO will be shown
> This diagram shows the BGP setup from BJAO411 point of view

OTI Transit

BJAO411à BJAO518 advertisements Incoming filtering on BJAO411 side

-Deny IGN originated routes -Deny GIBN originated routes
-Advertise 0/0 -Permit IGN originated PI, PA & RL with
Set CT=6505:9200 BJAO411 Inter-AS tag (<ASN>:80)

eBGP
Note: There are no SAM internet customers or Set LP=80 & CT=6505:9100
peering in JAO, BJAO411 will onl advertise 0/0 to -Permit IGN originated PI, PA & RL with
BJAO518 MCS backup tag (<ASN>:110)
BJAO518
Set LP=110 & CT=6505:9100
-Permit IGN originated PI, PA & RL & Aggr
internet_gib with nominal LP (i.e no <ASN>:80/110)
n_gateway Set LP=120 & CT=6505:9100
VRF Note: BJAO411 will accept routes from all
countries in SAM
IGN
GIBN

GIBNv2 : Pilot test in Caracs 34

BJAO518<->BJAO411 BGP session
> Setup for BJAE518<->BJAE411 will be identical, only JAO will be shown
> This diagram shows the BGP setup from BJAA518 point of view

OTI Transit
BJAO518à BJAO411 advertisements
-Deny GIBN originated routes
-Advertise IGN cust PI, PA & RL
Set CT=6505:9100 BJAO411
-Advertise IGN originated Aggr Incoming filtering on BJAO518 side
Set CT=6505:9100 -Deny IGN originated routes

eBGP
Note: BJAO518 will advertises cust and Aggr -Permit Default route
routes from all the region to BJAO411 Set LP=120 & CT=6505:9200
Note: There are no SAM internet customers
or peering in JAO, BJAO518 will only
BJAO518
receive 0/0 from BJAO411
internet_gib
n_gateway
VRF
IGN
GIBN

GIBNv2 : Pilot test in Caracs 35

BCCS810<->BCCS305 BGP session
> Setup for BJAE518<->BJAE411 will be identical, only JAO will be shown
> This diagram shows the BGP setup from BJAA518 point of view

Incoming filtering on BCCS305 side

BCCS305 -Deny GIBN originated routes
-Permit CCS IGN originated PI, PA & RL
BCCS305à BCCS810 advertisements with Inter-AS tag (<ASN>:80)
-Deny IGN originated routes

eBGP
Set LP=80 & CT=6505:9100
-Advertise CCS GIBN cust PI, PA & RL -Permit CCS IGN originated PI, PA & RL
Set CT=6505:9200 with MCS backup tag (<ASN>:110)
BCCS810 Set LP=110 & CT=6505:9100
-Permit IGN originated PI, PA & RL & Aggr
internet_gib with nominal LP (i.e no <ASN>:80/110)
n_gateway Set LP=120 & CT=6505:9100
VRF Note: For all cases above only the routes
from CCS will be allowed
IGN
GIBN

GIBNv2 : Pilot test in Caracs 36

GIBNv2 CCS Pilot: Next Steps
> CNP to open a MachX for IP configuration of the IGW-PE-ASBR interfaces
> NSE/GNVPC to review pilot phase implementation document
> CNP to Open MachX for VRFs and BGP sessions configuration on JAO, JAE
and CCS (Target June 13 or June 20)
> After above points are completed the network will be ready for migration of
Digitel connection to BCCS810

GIBNv2 : Pilot test in Caracs 37