[c-nsp] Internet inside a VRF?

Chuck Church chuckchurch at gmail.com
Tue Mar 13 22:35:06 EDT 2012 

In the past (though probably still true), there were plenty of management
things type things in 6500/7600 that didn't work in a VRF.  So if you wanted
to keep your management (SNMP, telnet/SSH, file copying, etc) separate from
your production traffic and you wanted it to work, you had to keep it in the
global table.  I haven't tried in SXJ, but there were still some broken in
SXI.  Not sure about the SRx train.  I've heard the Sup2T fixes most of the
remaining broken things.

Chuck

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jose Madrid
Sent: Tuesday, March 13, 2012 9:18 PM
To: Dan Armstrong
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Internet inside a VRF?

I would like to understand why you guys would do this? What is the reasoning
behind this? Super granular control? Cant this level of granularity be
achieved with route-maps?

Sent from my iPhone

On Mar 13, 2012, at 8:27 PM, Dan Armstrong <dan at beanfield.com> wrote:

> We have all our Internet peers and customers inside a VRF currently, and
our Cisco SE thinks we're stark raving mad, and should redesign and put
everything back in the global table.
>
>
> This is all on ASR 9Ks and 7600s.
>
>
>
>
>
> On 2012-03-13, at 8:12 PM, Pshem Kowalczyk wrote:
>
>> Hi,
>>
>> On 14 March 2012 11:59, Dan Armstrong <dan at beanfield.com> wrote:
>>> I know this topic has been discussed a million times, but just wanted to
get an updated opinion on how people are feeling about this:
>>>
>>>
>>> In a service provider network, how do people feel about putting the 
>>> big Internet routing table, all their peers and customers inside a 
>>> VRF?  Keep the global table for just infrastructure links.
>>
>> In my previous role we've done just that. One internet VRF for all 
>> transit functions, separate vrfs for peering and customers and 
>> import-export statements to tie them all together. All done on ASR1k 
>> (mainly 1006, but a few of 1002 as well).
>>
>> kind regards
>> Pshem
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list