[RE: [nsp] gre tunnel using loopback for source]
Streiner, Justin
streiner at stargate.net
Tue Jun 3 04:31:10 EDT 2003
On Mon, 2 Jun 2003, Pete Templin wrote:
> OSPF provides the most specific reachability, and the default route
> points the same way as well.
>
> I'm statically policy routing into the tunnels from a FastE
> subinterface, and following "normal" destination-based routing from the
> tunnel to the subinterface at the far end.
I originally tried this, but ran into scalability and administrative problems.
You may want to check out VRFs as another way to do what you're doing here.
Cisco's VRF documentation is a bit misleading. Since it's always
mentioned in the context of implementing an MPLS-based VPN, it's easy to
assume that you have to be running MPLS and/or a VPN to get any use out of
VRFs. Not so, as I found from a late-night caffeine-fueled tinkering
session...
I use it in conjunction with OSPF, GRE tunnels and a few static routes to
implement some VPN-like services. Replace the GRE tunnels with crypto
tunnels and it becomes a lot more VPN-like ;-) I can send a sample config
if you're interested.
jms
More information about the cisco-nsp
mailing list