Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
542
Views
5
Helpful
4
Replies

General MPLS question (Repost)

noroutes4u
Level 1
Level 1

‎04-07-2008 10:45 AM

I have many separate offices connected to my access switch and I am providing their internet access. These customers do not need to "see" each other. How do I aggregate them into one pw out to the internet? I know that H-VPLS could do the same, but that requires hardware that I do not have (7600). Could I accomplish the same task with my current 6509 in the core and 3750 and 400 series access switches? Any help would be greatly appreciated.

Labels:
0 Helpful
4 Replies 4

mheusing
Cisco Employee
Cisco Employee

‎04-10-2008 03:53 AM

Hi,

In case you want to use VRFs you can achieve this by

1) configure MP-BGP on your 6509

2) connect each separate office/VLAN in a separate VRF

3) create an Internet VRF and insert a default route

4) import all office routes into the Internet VRF and exort the default route to all office VRFs

5) connect the Internet VRF directly to a firewall preventing office to office connectivity, doing the NAT and secure everything against the internet.

The last point is important, because if you connect a router to the internet VRF, it would have all offoce routes and would again interconnect them. Basically one office A would be able to send packets to another office B by first following the default route and the CE would then send the packets back to the office B based on longest match routing.

A second option would be to use a FWSM separate the different offices by using the firewall functionality. This would also allow for greater control and optionally for office to office traffic, if this requirement would ever arise.

Hope this helps!

Regards, Martin

0 Helpful

noroutes4u
Level 1
Level 1
In response to mheusing

‎04-10-2008 06:15 AM

Thank you for the response.

I am not too familiar with MP-BGP.

Do you have a sample configuration that I can follow?

0 Helpful

mheusing
Cisco Employee
Cisco Employee
In response to noroutes4u

‎04-11-2008 01:53 AM

Hi,

Sure there are eyamples for various scenarios in the "Cisco IOS Multiprotocol Label Switching Configuration Guide".

For your scenario - many clients accessing a common service without client-client connectivity - you find the explanations and example configurations e.g. at "Configuring Scalable Hub-and-Spoke MPLS VPNs"

http://www.cisco.com/en/US/docs/ios/12_3/rewrite/mpls/mpbkhalf.html

Hope this helps! Please use the rating system.

Regards, Martin

noroutes4u
Level 1
Level 1
In response to mheusing

‎04-11-2008 07:17 AM

Thanks Martin.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents