[c-nsp] Logical Router Segmentation
Brad Hedlund
brhedlun at cisco.com
Sat Jan 10 01:45:01 EST 2009
On 1/9/09 8:54 PM, "Chris Burwell" <cburwell at gmail.com> wrote:
> http://www.hiddenone.net/Topology.pdf
Chris,
Thanks for the diagram. I can now visualize what you are trying to do. For
this to work as diagramed you will need to create two separate routing
instances on the "District Router", one for internal, one for external.
You would associate the internal VLANs to the internal instance, and the
external connections and their respective VLANs to the external routing
instance.
With a Cisco switch this would be easy to accomplish with a feature called
VRF-Lite, which creates separate discrete routing table instances, and
allows you to then you define which VLANs and interfaces belong to which
routing instances.
If the "District Router" is not Cisco, and does not support a feature like
VRF-Lite, you might need to buy a separate L3 switch or router to support
the external connections on the outside of the firewall. If a full BGP
table is NOT required, you might be able to do this on the cheap, such as a
Cisco 3560.
Cheers,
Brad Hedlund
bhedlund at cisco.com
http://www.internetworkexpert.org
More information about the cisco-nsp
mailing list