Routing

Hi everyone,

Some questions for the experts on PIC Edge and PIC Core:

Looking at the Juniper tech-doc for PIC Edge for L3 VPNs (https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/layer3-vpn-bgp-pic-edge-configuring.html) it shows that enabling 'protect core' is required in the vrf-instance, it also shows that a load-balancing policy is required for the forwarding-table ...

Questions:

(1) the 'protect core' command looks like it's for 'PIC Core' given the wording in the command ... but the tech-doc states it's to allow a second (backup) BGP next-hop to exist in the forwarding-table for VPN routes in the event that a PE router (which is the primary/best BGP next-hop for VPN routes) fails - so my question is: does the 'protect core' command behave similarly to configuring 'multipath vpn-unequal-cost' under the routing-options of a vrf-instance? - i.e. it allows additional BGP next-hops to exist for VPN prefixes received from 2 (or more) PE's?

(2) Would 'protect core' require 'indirect-next-hop' to be configured in the forwarding-table too? I assumed it would but I couldn't see the requirement stated in any tech-docs ...

(3) With respect to the requirement for load-balancing policy to be configured in the forwarding-table: when enabling 'protect core' the tech-doc states that this is a requirement - but does 'protect core' in conjunction with the LB policy actually load-balance traffic between the 2 (or more) BGP next-hops which are present in the forwarding-table? The tech-doc states that one path is primary and the other(s) are for back up in the event of the primary BGP next-hop (i.e. a PE router) being withdrawn in the event of the primary PE router failing - so is the LB policy purely there to place additional next-hops into the forwarding-table but no actual load-balancing of traffic occurs? (i.e. only the primary next-hop is used for traffic until it is withdrawn, and only then is the back-up next-hop(s) used?)

(4) My understanding of PIC Core is that it is used for IGP protection to a single BGP next-hop - i.e. the IGP converges much faster than BGP in a core network failure event (e.g. a P router failure and/or core link failure) so PIC Core allows a PE to have an alternative direct next-hop to a BGP next-hop stored in the forwarding-table (i.e. the BGP next-hop stays the same but there is an alternative/back-up IGP route to that BGP next-hop)

(5) Does Juniper actually 'do' PIC Core ... or just PIC Edge? Or does PIC Edge actually include PIC Core??

Lots of questions - I hope they make sense and that some gurus can provide the answers ..!

TIA

Hello,

"MPLS in the SDN era" book chapter 20 has answers to some of Your questions

http://shop.oreilly.com/product/0636920033905.do

HTH

Thx

Alex

Hi TIA

As far I know both the modules of the BGP PIC feature i.e. PIC core and PIC Edge are enabled
using the "protect core" knob in Juniper. This knob installs to the Packet Forwarding Engine the second best path in addition to the calculated best path to a destination.

[edit routing-instances routing-instance-name routing-options]
user@host# set protect core


Beginning with Junos OS Release 15.1, the BGP PIC feature, which was initially supported for Layer 3 VPN
routers, is extended to BGP with multiple routes in the global tables such as inet and inet6 unicast,
and inet and inet6 labeled unicast. On a BGP PIC enabled router, Junos OS installs the backup path
 for the indirect next hop on the Routine Engine and also provides this route to the
Packet Forwarding Engine and IGP. <<<<<<<<<<

Below document shall clear some doubts:

https://www.juniper.net/documentation/en_US/junos/topics/concept/use-case-for-bgp-pic-for-inet-inet6-lu.html


Below doucment on example scenario of BGP PIC edge:

https://www.juniper.net/documentation/en_US/junos/topics/example/bgp-pic-edge.html




Regards,
Rahul

Please mark my solution as accepted if it helped.