7 Mar
2012
7 Mar
'12
3:03 a.m.
On Wed, Mar 7, 2012 at 2:07 AM, Leigh Porter <leigh.porter@ukbroadband.com> wrote:
What's the nicest way of allowing the ops servers all talk to each VPN instance? At the moment I just us pretty normal L3VPN techniques so that every VPN sees routes tagged with the ops VPN target community and so that the ops VPN sees all the other VPN routes but the division between VPNs is maintained.
Or, would it be nicer to have the firewall have a foot in each VPN, advertise routes to ops systems to each VPN instance and receive routes from all the other VPNs?
I think you may pay more money for extra firewall zones and perhaps not receive any benefit from it. -- Jeff S Wheeler <jsw@inconcepts.biz> Sr Network Operator / Innovative Network Concepts