[c-nsp] Best way to filter local traffic from Internet traffic
Mark Tinka
mtinka at globaltransit.net
Tue Jun 10 20:59:38 EDT 2008
On Tuesday 10 June 2008, root net wrote:
> I do not think shaping traffic would work as I am not
> trying to throttle his traffic to everyone else but our
> local LAN I want to provide a circuit that only allows
> local LAN traffic meaning our directly connected
> customers routes only not any other routes. BGP would
> definitely work but I am not sure if we can do this with
> this customer. Is there an alternative towards BGP like
> with a ACL or route-map maybe?
If you have 2 links, this becomes a little trickier
especially for return traffic to the customer. As a
previous poster mentioned, it might mean using one link
until it fails, and then having the second one kick in.
If you have a single link, you can achieve what you need
with QPPB + MQC + BGP communities (ACL's don't scale; you'd
have to keep updating them with your/your customer's
prefixes).
If you need to maintain 2 links, then 802.3ad is your
friend. But AFAIK, IOS does not support channel-groups made
up of Ethernet VLAN sub-interfaces (other vendors do
support this, though, but I digres...).
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20080611/5e8f1d7e/attachment-0001.bin>
More information about the cisco-nsp
mailing list