[c-nsp] PBR or VRF

Jon Lewis jlewis at lewis.org
Thu Dec 1 09:36:58 EST 2005 

On Wed, 30 Nov 2005, james edwards wrote:

> Sales came up with a solution and now I have to implement it. There is a
> main office and outlying offices, each has a T-1 (integrated voice and data)
> into our cloud (CBX-500 network) and as luck would have it this all comes
> together on one router. It looks like a hub and spoke network with the hub
> being this router. The main office also has DSL with us; to save some $$ all
> the outlying offices will send internet bound traffic to the main office on
> the DSL, which defaults back to us. Any on net traffic (traffic bound to
> addresses on our network) will take the normal route across our network.

We do something that sounds similar to this with MPLS VPN customers.  If 
this were our customer and we were hooking them up with MPLS VPN, the 
typical way to go would be to put all the T1's into a VRF.  All the 
offices would likely use subnets from RFC1918 space.  Each outlying office 
default routes to the router of ours they connect to.  The main office 
would have a static route(s) for the 1918 space used at the outlying 
offices to us, and a default route to the DSL router that NATs and 
provides internet access to both the main office and outlying offices via 
the main office.  If they want to save on bandwidth at the main office T1 
or just want things done more efficiently and don't need a central point 
of control for internet access, you can run frame relay over PTP T1s and 
give each office a VRF PVC and an internet PVC.

Since you say all these offices connect to the same 7206, I suspect you 
could get away with doing this inside a VRF without actually doing MPLS 
VPN.  AFAIK, you'd only need MPLS VPN if you wanted to route traffic in 
VRFs over your existing network between multiple routers.

With the VOIP in use, we'd generally set up QoS service policies on the 
CPE uplink and PE customer facing interfaces to priority queue the VOIP 
traffic and keep their non-VOIP IP traffic from impacting the VOIP 
traffic.

----------------------------------------------------------------------
  Jon Lewis                   |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

More information about the cisco-nsp mailing list