[c-nsp] VRF and BGP ?

[Walter Keen]

I use VRF's quite a bit on 7600 and other platforms with internal OSPF
neighbors.  So long as the interfaces you are connecting with (dot1q
vlan's in my case most of the time) are associated with that vrf, you
should be able to do so, although, I've never tried to leak routes from
the global routing table into a VRF, or use BGP (in OSPF there is a vrf
tag you must use if I remember correctly).  Using VRF's will give you a
seperate routing table isolated from your global routing table however. 
I'm not an expert on this subject so if anyone has corrections, please
chime in.

Jeff Fitzwater wrote:
> I am running 12.2.SXI on a 6500 with sup-720
>
>
> I currently have 3 full BGP peers with two on I1 and one on I2.
>
> I now need a fourth peer with ESNet (gov ISP) but only allow  two /22
> net from Princeton U. access to ESNet.
>
> My dilemma is how to only let the two nets see the additional ESNet
> routes so that no other host on campus will try and use the ESNET
> routes and fail.
>
> I have not used the VRF feature yet, but it appears that it might do
> the trick if I can create a separate routing domain with just ESNet
> routes, and then point only the two nets to the VRF so they check the
> ESNet table first and if not present fall thru to the global table.  
> I should be able to use a ROUTE-MAP to accomplish this.
>
> From the doc it states that I can create a VRF and import routes from
> the global table but that means everybody will still see the routes to
> ESNet ( I would guess anyway).
>
>  Can I peer directly with the VRF without doing an import from the
> global table so only it has the ESNet routes?
>
> Does anybody have any suggestions on this issue?
>
>
> Thanks for any help.
>
>
>
> Jeff Fitzwater
> OIT Network Systems
> Princeton University
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/