[c-nsp] VRF and BGP ?
Jeff Fitzwater
jfitz at Princeton.EDU
Mon Feb 9 16:01:12 EST 2009
I am running 12.2.SXI on a 6500 with sup-720
I currently have 3 full BGP peers with two on I1 and one on I2.
I now need a fourth peer with ESNet (gov ISP) but only allow two /22
net from Princeton U. access to ESNet.
My dilemma is how to only let the two nets see the additional ESNet
routes so that no other host on campus will try and use the ESNET
routes and fail.
I have not used the VRF feature yet, but it appears that it might do
the trick if I can create a separate routing domain with just ESNet
routes, and then point only the two nets to the VRF so they check the
ESNet table first and if not present fall thru to the global table.
I should be able to use a ROUTE-MAP to accomplish this.
From the doc it states that I can create a VRF and import routes from
the global table but that means everybody will still see the routes to
ESNet ( I would guess anyway).
Can I peer directly with the VRF without doing an import from the
global table so only it has the ESNet routes?
Does anybody have any suggestions on this issue?
Thanks for any help.
Jeff Fitzwater
OIT Network Systems
Princeton University
More information about the cisco-nsp
mailing list