I'm currently working on the vrf lite concept and i'm wondering how strong the vrf isolation can be. Is there any way coming from a VRF to jump to another ? Are there any well-known exploits ?
Between a heavy vlan architecture with routing intervlan enable, access-list filtering and a VRF Lite architecture with route-map to decide with packet can be routed from a vrf to another, which architecture is the more secure ?
Do you have some links or white papers dealing with this topik ?