[c-nsp] Blackholing looped traffic

Tim Franklin tim at colt.net
Tue Aug 30 11:14:12 EDT 2005


> I acknowledge the problem in this specific case. I guess Half-Duplex
> VRFs on the central-site CE could be a solution here, i.e. using a
> different routing table for upstream and downstream. As far as I know,
> this concept is currently only available on virtual-access 
> interfaces to
> easily prevent direct spoke communication on broadband PE's, not sure
> when it will be universally be available (haven't checked). 
> Until then,
> PBR or ACLs seems like the only feasible approach.

Hehe... one of the "solutions" I got to was esentially building half-duplex
pipes by appropriate manipulation of route-targets and the CE-PE routing
protocols.  It's good to know I'm merely twisted and not actually crazy ;)

Regards,
Tim.

-- 
____________   Tim Franklin                 e: tim at colt.net 
\C/\O/\L/\T/   Product Engineering Manager  w: www.colt.net 
 V  V  V  V    Managed Data Services        t: +44 20 7863 5714 
Data | Voice | Managed Services             f: +44 20 7863 5876  




More information about the cisco-nsp mailing list