Using CE Router for Internet and VPN services

Peter Hicks peter.hicks at
Fri Jul 17 10:36:43 UTC 2009


Akhmedd Aly wrote:

> can someone explain me why service providers (Internet and/or L3 VPN
> services) obligate customers to use CE routers. Why they cannot
> configure more than /30 (in some cases /31) subnet mask on PE
> interface side for me? In that case I can use cheap L2 switch and use
> default gateway on all my PCs in the LAN, pointing to SP PE.

Managed services.  The concept of "the demarcation point is an Ethernet 
port" is an important selling point for some people, especially when IT 
staff are not on-site.

Another major downside is the WAN circuit type - Ethernet circuits 
typically don't mirror the link state correctly.  Furthermore, 
troubleshooting is easier for the SP if it's their kit at both ends of 
the circuit.

With this kind of technology, anything is usually possible, but 
restricted by the practices of the SP or their superior knowledge given 
that they have hundreds, maybe thousands of customers and therefore a 
lot more experience than many of their customers.

> Please describe all benefits and detriments of using more than /30
> subnet on SP PE.  Some good links will be very useful for me.

We have /29s on our PE-to-CE links.  This allows for the 
Ethernet-presented WAN circuit to come in to a Layer 2 switch at either 
end, and two CE and two PE routers run eBGP in a full mesh.

The benefits of this aren't obvious until you do the same for a backup 
link via another PoP - re-use the same CE routers, but full-mesh to the 
other PoP site.  Result - you can lose a CE router but not have to fail 
over to the backup PoP.


More information about the NANOG mailing list