[j-nsp] l3vpn

Saku Ytti saku+juniper-nsp at ytti.fi
Wed Oct 19 11:28:56 EDT 2005 

On (2005-10-19 17:20 +0200), Alexander Arsenyev (GU/ETL) wrote:

> OK, how the return packets are going to be routed/forwarded? 

I can answer for cisco.

vrf selection source 12.2.2.0 255.255.255.0 vrf vrf1
vrf selection source 13.3.3.0 255.255.255.0 vrf vrf2
!
int foo
 ip vrf select source
 ip vrf receive vrf1
 ip vrf receive vrf2
 ip address 10.0.0.1 255.255.255.0
!
ip route vrf1 12.2.2.0 255.255.255.0 10.0.0.5
ip route vrf2 13.3.3.0 255.255.255.0 10.0.0.42
!

Ingress:
 Match on source address, and place to correct VRF
Egress:
 You know the next-hop, by static or by routing protocol,
 just push packet there blindly and hope the remote ends
 knows what to do with it. (either it's also running
 vrf-select, or then it's global table CPE for customer
 in that VRF)

Please don't ask me why you would like to do this :)

> Cheers
> Alex
> 
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net]On Behalf Of Pablo Varela
> Sent: 19 October 2005 16:16
> To: Saku Ytti; juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] l3vpn
> 
> 
> You can do that with firewall filters (then routing-instance).
> 
> Pablo
> 
> On Wed, 19 Oct 2005 17:59:01 +0300, "Saku Ytti"
> <saku+juniper-nsp at ytti.fi> said:
> > On (2005-10-19 16:49 +0200), Alexander Arsenyev (GU/ETL) wrote:
> > 
> > > If that would be possible how does router decide which packet to place into which VRF?
> > > Based on source MAC maybe? Hint: use different subinterfaces or GRE tunnels.
> > 
> >  Cisco has features called 'VRF selection based on (source ip|policy
> >  based
> >  routing)'. But I don't recall JunOS having similiar feature yet.
> > 
> > -- 
> >   ++ytti
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/juniper-nsp
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
> 

-- 
  ++ytti

More information about the juniper-nsp mailing list