iBGP peering with client

Unanswered Question
Jul 26th, 2010


We have an existing network (4 POPS all 7200s) that run MPLS/iBGP and eBGP to IP transit providers - We have a new client that wants to peer with us so that we can provision a large number of vrf's for them without having to have seperate vlan/dot1q interface per-vrf.

Our existing 7200's peering is all utilising our own AS - What is the preferred(i.e. Most "secure") way to peer with this new client so that they only have visibility into there own vrf's?

Would we setup a "private" AS with this client, and have something similiar to:

ip vrf new_client_a
rd 1111:1
route-target export 1111:1
route-target import 1111:1
maximum routes 256 75

router bgp 1111
neighbor xxx.xxx.xxx.xxx peer-group NEWCLIENT-MPLS-VPN-PEERS

address-family vpnv4
neighbor NEWCLIENT-MPLS-VPN-PEERS send-community extended
neighbor xxx.xxx.xxx.xxx activate

address-family ipv4 vrf new_client_a
redistribute connected
redistribute static
default-information originate

interface Port-channel1.150
description new_client_a_tail
encapsulation dot1Q 150
ip vrf forwarding new_client_a
ip address

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion

Related Content