[c-nsp] Restrictions for NAT Integration with MPLS VPNs
Joe Maimon
jmaimon at ttec.com
Sat Mar 19 23:51:35 EST 2005
Volodymyr Yakovenko wrote:
> On Fri, Mar 18, 2005 at 06:04:20PM +0100, Oliver Boehmer (oboehmer) wrote:
>
<snip>
>
> One more shared services related thing - are there any plans to make inter-VRF
> leaks be presented as logical interface instance with possibility to enforce
> in/out ACLs on particular inter-VRF leak?
>
Well this is kind of what I am working on...only manually with loopback
on two ethernet's (or frame or atm or even with gre tunnels)
From what I can tell that is the best current mechanism for routing
between VRF's without hopping out of the chassis or using static
inter-vrf routes.
Inter-vrf 'tunnel' interfaces without any overhead would be quite nice
especially if they promised greater performance than current mechanisms.
Perhaps
!
interface tunnel10
ip vrf forwarding RED
tunnel source vrf RED
tunnel destination vrf GREEN Tunnel11
tunnel mode vrf-no-encapsulation
ip address 10.10.10.1 255.255.255.252
!
interface tunnel11
ip vrf forwarding GREEN
tunnel source vrf GREEN
tunnel destination vrf RED Tunnel10
tunnel mode vrf-no-encapsulation
ip address 10.10.10.2 255.255.255.252
!
Or whatever. But I am not holding my breath.
More information about the cisco-nsp
mailing list