nanog mailing list archives

Re: MPLS VPNs or not?

From: Robert Raszuk <raszuk () cisco com>
Date: Tue, 07 Aug 2001 08:57:10 -0700


Vijay,

Ok so you say that increasing the number of features in any
implementation can cause critical bugs - hey I agree 100%. 

But what is the solution - do the freez in code and do not implement any
new features and enhancements ? All vendors (at least those significant
:) get a lot of new feature requests some of them touching much much
deeper then the mpls-vpn implementation into the elements of bgp, ospf,
isis etc .... Should all vendors just say - forget it we are not doing
it as it can introduce bugs ???

If not why you are particluary so flaming mpls-vpns and not other
features requested which when done wrong can cause hell lot of more
issues into the networks ?

R.

Vijay Gill wrote:

--On Tuesday, August 07, 2001 08:29 -0700 Robert Raszuk <raszuk () cisco com>
wrote:

Vijay,

I am not defending IOS bugs or any particular implementation - I am
defending the architecture.

R.


Robert,

 the point here being that software is a complex beast that is fairly hard
to get right and often has very subtle failure modes. The interactions
between various small bugs in subsystems often result in catastrophic
failures when they interact as a part of a much larger whole. The
architecture is fine, and in fact like all Powered By PowerPoint (tm)
architectures, looks good in labs and papers, runs extremely well on slide
projectors and will probably run fine in the real world for a while too.

However, there are real life operations folks who have to run these things
on large networks with lots of interactions among various components that
are hard to duplicate in a lab setting (else we'd have bug free code on
FCS).

There was no singling out of IOS or any other implementation, I was just
pointing out two fairly recent failure modes in code paths that has been
exercised for years and deal with a "well known" RIB and adjacency
maintenance issues. It is entirely possible that there are no bugs in
current implementations; I just won't bet my day job on that possibility.

Besides for those individuals who have problems with  maintaining a
sinlge RIB with IGP routes I would higly advise a caution in deploying
an mpls-vpn service or even touching the routers :).


That was uncalled for. We do have problems maintaining a single RIB with
IGP routes sometimes, mostly they are due to buggy implementations.

/vijay

Current thread:

Re: MPLS VPNs or not?, (continued)
- - - Re: MPLS VPNs or not? Christian Kuhtz (Aug 07)
    - Re: MPLS VPNs or not? Vadim Antonov (Aug 07)
    - Re: MPLS VPNs or not? Christian Kuhtz (Aug 07)
    - Re: MPLS VPNs or not? Christian Kuhtz (Aug 07)
    - Re: MPLS VPNs or not? Vadim Antonov (Aug 08)
    - Re: MPLS VPNs or not? Vadim Antonov (Aug 08)
    - Re: MPLS VPNs or not? Robert Raszuk (Aug 07)
    - Re: MPLS VPNs or not? Vijay Gill (Aug 07)
    - Re: MPLS VPNs or not? Robert Raszuk (Aug 07)
    - Re: MPLS VPNs or not? Vijay Gill (Aug 07)
    - Re: MPLS VPNs or not? Robert Raszuk (Aug 07)
    - Re: MPLS VPNs or not? Tony Tauber (Aug 07)
    - Re: MPLS VPNs or not? Christian Kuhtz (Aug 07)
    - Re: MPLS VPNs or not? Vijay Gill (Aug 07)
    - Message not available
    - Re: MPLS VPNs or not? Robert Raszuk (Aug 07)
    - Re: MPLS VPNs or not? Vadim Antonov (Aug 07)
    - Re: MPLS VPNs or not? Christian Kuhtz (Aug 07)
    - Re: MPLS VPNs or not? Ken Woods (Aug 07)
    - Re: MPLS VPNs or not? Yakov Rekhter (Aug 07)
    - Re: MPLS VPNs or not? Randy Bush (Aug 07)
    - Re: MPLS VPNs or not? Christian Kuhtz (Aug 07)

(Thread continues...)