MPLS for the masses

In my talk at ITNOG7 I presented “BGP FlowSpec Services beyond DDOS Mitigation” with the intention of proposing other uses of flowspec, as too often cataloged exclusively as a tool for managing DDOS.I built two services to achieve egress engineering and bidirectional traffic steering, using a combination of BGP Flowspec and MPLS L3VPN. Finally I described a framework for creating NFV services that can scale on service provider architectures. the slide with the requirements and proposed solution are eloquent:

The Wholesale Winery Tour 2022 was an opportunity to meet old and new friends, and to present something new. Given the interest of the topic, I repeated the presentation in a slightly more compact form to the wider audience of ITNOG6, receiving much appreciation here too. “Modern BGP Design” is a talk on how to overcome the stereotypes of traditional bgp design and combine new features using BGP as a real control-plane protocol.

I had the opportunity to present at ITNOG on the web the use of a switch as an internet border router, and how to set up a distribution strategy within the backbone to reduce the routing information while maintaining an “almost optimal” routing. For the border router, I used a selective FIB installation in TCAM only for significant destinations. The wide availability of RAM on recent switches permits to hold the FIRT (Full Internet Routing Table) and tag with a BGP Community the relevant destination to be loaded into the FIB.

I had the opportunity to talk about datacenter during ITNOG2 thank you guys! I talked about the use EVPN as control plane for overlay networks, and how to exploit them to create distributed services between different datacenters. I also mentioned the use of EVPN type-5 with proxy-arp to reduce distribution of mac-address routes and completely eliminate layer-2, while maintaining compatibility with current clustering and HA solutions based on layer-2 but now distributed in multiple datacenters.