[c-nsp] (no subject)
Michael Malitsky
malitsky at netabn.com
Thu Jun 21 15:30:09 EDT 2007
Hello,
We are in the process of deploying an MPLS network (carrier-provided) to
connect several customers to a data center. The customer locations are
all separate entities and need to be completely isolated from each
other. The carrier is now telling us that they will only announce a
full set of routes (either through BGP or statically) to all locations,
and will not do any filtering or policy routing, or anything else in the
core.
So question is, how do I make sure the various customer locations stay
segregated? I know the easy answer is to write ACLs on the CPE routers
(which I am providing), but since they are not under my physical
control, that makes me somewhat uneasy. Are there any better solutions?
Thanks,
Michael Malitsky
More information about the cisco-nsp
mailing list