Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

Network Design - A7500 ospf in a vpn-instance

adagre
Established Member

Network Design - A7500 ospf in a vpn-instance

Hi All,

 

I am designing a network consisting of 6 A7506 chassis (IRF'd), we have a multi customer network where we would like to isolate customer vlans via vpn-instance. Also we need OSPF running within specific vpn-instances, so a cusotmers vlan can route to their own vlans, most importantly for a builidng automation control system we need to support.

 

I am having a hard time understanding the concepts with some of this when we get to the customer edge. (various models of switches)

 

I would like some know some expert insight on how we should be designing this and what needs to be done at the customer edge.

 

I'm very green with the concepts of vpn-instance etc. 

 

Thanks!

3 REPLIES
Mike_ES
Valued Contributor

Re: Network Design - A7500 ospf in a vpn-instance

Hi,

Do you have any network draw to share and described?

 

Br,

Mike

adagre
Established Member

Re: Network Design - A7500 ospf in a vpn-instance

I cannot share any drawings on a public forum however, I'll give some more details as to the physical layout.

 

We have a campus style geography, with 3 sites. An MDF and two IDFs. The MDF and IDFs have 2 each 7506s in a IRF these 3 sites are connected together over 10Gb single mode. Extending from these nodes are many outlying builidngs each with different customer requirements, we manage all the infrastrucuture. We need to provide customer networks (doing so currently on old procurve layer 2 vlans) to these outlying builidngs, but coming from the old layer 2 deagin we wish to implement vpn-instance and introduce OSPF within the vpn-instance in oder to provide certain customers with the ability to route their own vlans etc. Also we like the idea of the vpn-instance so there is little chance of cross contaminating networks as you can imagine a customer not wanting their vlan bleeding to another customers network.

 

So how do we get the OSPF working within vpn-instance (we've been struggling with this for awhile now)

 

How do we provide multiple vpn-instances to the edge equipment? (being that of various makes and models) 

 

Also does the OSPF per vpn intelliigence happen at the core or does my edge equipment need to also participate in this role in some way.

 

Thanks!

Mike_ES
Valued Contributor

Re: Network Design - A7500 ospf in a vpn-instance

Ok, I get the point what in overall you would like to have. You need some core IRF switch with Multi-VRF interfaces and connect to edge/client devices, to do logical separation on the L3 routing, right?

The good start is from docs I attached for your review. There are some topology described based on the OSPF/BGP VRFs.

I would recommend you don't use OSPF but iBGP/eBGP instead for well-scaled topologies by design. 

Most of the VRF-lite Comware features are identical comparing to Cisco boxes.

 

Br,

Mike