Internet routes in Gobal Routing Table or in a VRF ?
Hello again, Another question for BGP VPN experts. If you provide Internet access and VPN service on the same MPLS Core network, what are the pro and cons to transport in the core the public internet routes (the full 120.000 prefixes) as VPN-V4 prefixes and announce them through a VRF rather than as common global routes ? What are the trends in terms of security vs memory vs stability ? Thanks in advance.
The biggest benefit to using a VRF as I see it is that you will help prevent accidental redistribution of internet routes to VPN customers. Biggest downside: $VENDOR_C and $VENDOR_R SEs will tell you that their boxen will croak if you do it. Solution: $VENDOR_J does support it. -David Barak --- m.rapoport@completel.fr wrote:
Hello again, Another question for BGP VPN experts. If you provide Internet access and VPN service on the same MPLS Core network, what are the pro and cons to transport in the core the public internet routes (the full 120.000 prefixes) as VPN-V4 prefixes and announce them through a VRF rather than as common global routes ? What are the trends in terms of security vs memory vs stability ?
Thanks in advance.
===== David Barak -fully RFC 1925 compliant- __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com
participants (2)
-
David Barak
-
m.rapoport@completel.fr