[c-nsp] route-target import on non-leaking PEs
Saku Ytti
saku at ytti.fi
Thu Dec 13 02:41:19 EST 2012
On (2012-12-12 16:12 -0500), Jason Lixfeld wrote:
> Sure. I carry the entire Internet routing table inside a VRF. I suppose for all intents and purposes this could be considered the 'services' VRF you spoke of. I have another VRF, call it the customer VRF, which needs Internet access, so through the Internet VRF. I'm trying to just stick a default route from the Internet VRF into the Customer VRF to accomplish that. Naturally, Internet destinations would need to know how to send their return traffic back to the customer VRF, so those Customer VRF routes would have to get leaked into the Internet VRF for reachability.
>
> Not sure if that helps clarify or helps confuse :)
You can consider your Internet PE as 'HUB' and VRF which need this service
as 'SPOKE'.
So you'd allocate two new RT.
42:1 -> Set in export map in HUB for 0.0.0.0/0
42:2 -> Imported at HUB
Now when you provision customer who needs INET, you do:
ip vrf CUST1
route-target export 42:2
route-target import 42:1
!
The customer already having its 'route-target both 42:X' in place, for
internal access.
Sure if you have lot of customers already, it takes bit of work. But key
value is that your provisioning work is local, you only touch the PE where
you add customer, not two (three, four, if you have redundancy in HUB)
places.
--
++ytti
More information about the cisco-nsp
mailing list