[j-nsp] l3vpn

Pablo Varela pablo at pabloylola.com
Thu Oct 20 04:52:48 EDT 2005


As I see it for traffic incoming from the switch interface you can
probably do it with port mirroring (maybe using a tunnel PIC) which in
itself is a great monitoring tool.

For traffic outgoing to the switch you will have to replicate the
packets changing MAC addresses and I think that's done on the PIC so it
will probably require a new HW design, which is probably not cheap :-)

I think here we are experiencing the "driving a screw with a hammer"
syndrome and designing solutions based on our previous knowledge of
another platform in which things were done differently (I know because
it has happened to me a lot - i.e. next-hop-self on iBGP)

Pablo

On Thu, 20 Oct 2005 10:35:39 +0200, "Alexander Arsenyev (GU/ETL)"
<alexander.arsenyev at ericsson.com> said:
> <quote>
> Are you expecting the packets to be replicated 3 times and switched 
> around into each instance ? If not, what sort of semantics do you have 
> in mind ? i.e. in your view what would happen to a packet ?
> 
>    Pedro.
> </quote>
> Actually, on a second thought I believe that replication of packets into
> different VRFs is an interesting idea. Replicating packets into more than
> 2 VRFs is going to be a bit taxing :-) but anyway - imagine 2 VRFs on a
> single interface, one VRF for traffic and second having functionality
> equivalent to Cisco RSPAN VLAN. Cheap "out-of-the-box" monitoring tool
> :-)
> Any thoughts?
> Regards
> Alex
> 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp


More information about the juniper-nsp mailing list