once again, i have to choose between design opinions and I'd like to hear about your exeperiences... Now referred to internet access.
I have several customer needing to learn full internet routing and stablishing bgp connection with our PE's (for access backup pourposes).
When needing to use more specific than default routes, it's said to be more conventient to use global routing tables to distribute full internet routes, in order to save memory on the PE's.
Now my doubt: if this design forces me to use diferent subinterfaces and VRF's for a client needing both VPN and internet access, and knowing that maybe I could use the same vpn for providing internet to all our customers, sho internet routes will be available in just one VRF... wouldn't it be cleaner using just one vpn (and one vrf in every PE router) for internet access for all the customer (yet Knowing it will use three times more memory)...?
know ebgp sessions in a PE could be stablished through de internet access vrf. Moreover, any client needing private VPN could use a diferent (sub)interface
what do you think about? global routes or just one vrf carrying internet routes?
Well, both are good options, and we have designed networks for SP's with both these options. The deciding factor for them however has been, the requirements form the INternet Service, Wthether this service is for A) End customer who want default or partial/full routing table. Or wtherther this service is for a B) ISP who can serve his TIer 2/3 ISP customer.
A) For End Enterprise Customers.
If its meant for end customer who simply want a default route and some customer who may want partial/full routes but who arent ISP's then You can consider the VRF solution, as it would be very easy for you to provision and deprovision within the network. Just a little more load on the memory but since its one VRF your typical PE can handle the Internet in a VRF with 1 gig of MEM.
B) For Tier2/3 ISP Customers
Now if its for your T2/T3 ISP customer, then the VRF method has certain drawbacks,
Drawback ) ISP customers dont want a single best route coming to them from a RR, Since you are their provider ISP you would be having many connection to upstream peering points and NAP/IXP. So your ISP customers want all these routes so they can themselves decide the best route for different service requirements of their end customer.
Solution) Now if you have to give all these routes to the ISP you have to assign a different RD value for ech upstream peering point,
Caveat) This ould increase your memory requirement on the PE's and RR's tremendously as they would be holding duplicates of you Internet Routing table bcos of different RD values.
Differen Approach ) Having said that, some ISP's have implemented the best of both world, but it comes with cost constraints. You can extend you IBGP of the Internet AS withing a VRF, that is infra routes only within VRF and have dedicated Internet Peering Edge Routers at all locations where you consider to provide this service to ISP's, so you extend you IBGP using the VRF, hence none of the P or PE routes hold no internet routes in any form, they only have the infra routes in the VRF. using these Infra routes, the Internet Peering Edge Routers form IBGP with a Internet RR which is your dedciated regular RR for Internet routers, and exchange all internet routes, and give them to your downstream ISP customers.
Global Routing Table )
Ntohign wrong with this, method, everything works as it was working before your MPLS network was there, except the fact that your intermediate routers dont hold Internet Tabel and its a BGP Free Core.
This is better than the VRF option A method
as you wont hold internet routing table with more memory which is bcos of the VPNV4. And the Second VRF option B is far superior to this method but with added one time cost.
1. Introduction Internet security is important with the increasing
attacks that are happening every day. Many internet and browsing
security solutions exist, but some are not very easy to use or maybe the
question is how can I enable them? In this referen...
Cisco Software Manager Server API Guide This document describes the
programmatic interfaces, RESTful APIs, which are supported by Cisco
Software Manager Server (CSM Server). Overview CSM Server supports a set
of finite RESTful APIs. The first step to use ...
If you are using Cisco's new linux-based Cisco Software Manager server,
then you probably want to make sure there is a startup service for
it.I'll assume that you've already installed the CSM server on a
systemd-based linux system. The commands given belo...