[j-nsp] Separate internet transit network versus converged
tarko at lanparty.ee
Mon Mar 28 07:36:02 EDT 2016
> Given our current network architecture, we have not found a significant
> technical or commercial reason to separate VPN traffic from Internet
> traffic as a function of what that will cost us in money and human terms.
Every network is different and YMMV.
In our case, we run BGP-free MPLS aggregation and BGP-free core. All IP
services, be L3VPN or inet, are terminated in separate edge boxes. Edge
boxes are only connected to core and are not in traffic path for other
traffic (typical aggregation-edge-core is not the case for us). Traffic
from aggregation to edge are transported in PW.
We are major provider for Estonia and Estonian government, banks etc.
Almost all of the GOV services, banking etc. depends on our network and
lives in L3VPN. So it's not really a capex/opex issue but more of a PR one.
More information about the juniper-nsp