[c-nsp] Internet vrf, pros and cons
Mark Tinka
mtinka at globaltransit.net
Wed May 7 09:31:32 EDT 2008
On Wednesday 07 May 2008, Pete Templin wrote:
> What software and hardware are you using?
JunOS (M-series) and IOS (7200-VXR).
> If it's "the
> right stuff", there was a neat presentation at NANOG42
> that showed a cool way to enforce peering policy on an
> interface, without having to dedicate a router to the
> task. See http://www.nanog.org/mtg-0802/norton.html and
> view David Smith's presentation.
Yes, we are familiar with QPPB.
We use it quite extensively for one of the products we sell;
and yes, it is very neat. Offers far more scalability and
manageability for providing restricted access (and
services, thereof) to specific routes in the network.
However, for the particular situation I described earlier,
we feel a VRF would be a simpler solution, especially on a
software router.
Juniper's DCU feature also accomplishes the same task as
QPPB.
> Admittedly, it's only
> on 12000 E3/E5, XR 12000, CRS-1, and "other IOS routers
> also"...
It's supported on the 7200-VXR.
> which translates to "not in 6500/7600"
> unfortunately.
This is due to a hardware limitation on these particular
platforms. Have a word with your SE for details.
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: This is a digitally signed message part.
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20080507/77e9fb95/attachment.bin
More information about the cisco-nsp
mailing list