[c-nsp] PVLAN
Mathias.Kenfack-Tabakem at TelecityRedbus.com
Mathias.Kenfack-Tabakem at TelecityRedbus.com
Fri Jun 30 04:14:21 EDT 2006
Thanks A I will be redesigning the peering lan to get away with the
peering lan. So I will use /30 for the peering.
Thanks for your help.
Mathias,
-----Original Message-----
From: Asbjorn Hojmark - Lists [mailto:lists at hojmark.org]
Sent: Thursday, June 29, 2006 11:12 PM
To: Mathias Kenfack-Tabakem (LON)
Cc: cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] PVLAN
> Remember that all these providers connect to me on the same
> vlan.
Why?
Change it to multiple routed interfaces (one per peer) and you
have full control. If, in the future, you want to allow them to
exchange traffic via you, set up a BGP policy to reflect that.
L3 is Good(TM).
Anyway, if you insist on filtering within a VLAN on the switch,
then you should look at VACLs (VLAN Access Control Lists, also
called VLAN access-maps). That's what they're for. And yes, you
can filter on MAC addresses.
-A
This e-mail is intended only for the use of the addressees named above and may be confidential.
If you are not an addressee you must not use any information contained in nor copy it nor inform any person other than the addressees of its existence or contents.
More information about the cisco-nsp
mailing list