[c-nsp] Full Internet Table in VRF
Saku Ytti
saku+cisco-nsp at ytti.fi
Fri Dec 30 01:47:52 EST 2005
On (2005-12-29 14:50 -0700), Erich Borchert wrote:
> I am wondering everyone's opinion on creating vrf's with the full
> internet table in them. VRF X for all peers and VRF Y for inexpensive
> peers, on cisco 7600's with pfc3bxl. The global table will be very
> small just igp routes to reach the BGP next-hop addresses of a PE and
> each vrf with carry full tables. When Customer A in vrf X needs to
> communicate with Customer B in vrf Y we create an import map on vrf X
> allowing prefix's from Customer B to be imported into vrf X's table, and
> conversely on vrf Y. I am wondering if the pfc3bxl can handle 600,000
> routes IPV4 + MPLS without croaking. (I know the product documentation
> claims one million of ipv4 routes).
Should work, Behringer states in his MPLS VPN Security book that
route on VRF uses about three times more memory than a route in
global table (chapter 4, internet access).
However, I'm not really sure what you're trying to accomplish,
if you're just trying to hide/protect the core, then I can fully understand.
But if you're trying to engineer for some memory conservation, then
this is not the road to go. You can happily import/export VRF
routes between two VRF customers as you wish and you can
access Internet table from VRF.
> Ideally, if the 7600 supported the import/export from vrf to global
> table and vice versa we could accomplish this with a default global
> table of all peers and one vrf for cheap peers.
>
> Regards,
> Erich Borchert
> CCIE #8891
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
--
++ytti
More information about the cisco-nsp
mailing list