RE: Internet access for MPLS VPN customers

From: Ramya S (ramya_1975@hotmail.com)
Date: Mon Jun 18 2007 - 14:57:33 ART

• Next message: Guyler, Rik: "RE: RE: RE : Attack by Proctor"
• Previous message: cisco efiko: "Re: RE: RE : Attack by Proctor"
• Maybe in reply to: Ramya S: "Internet access for MPLS VPN customers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thank you Douglas, Scott and Tarun.

Ramya Sen

> Date: Mon, 18 Jun 2007 07:52:23 -0400> From: dtodd@partners.org> To:
ramya_1975@hotmail.com> CC: pahujat@gmail.com; ccielab@groupstudy.com>
Subject: Re: Internet access for MPLS VPN customers> > Ramya:> > I would
believe that this would depend on a few things:> > 1) supportability of the
design> 2) limitations within mpls and nat> 3) address space limitations
(public/private)> 4) basic architecture of your design> 5) redundancy> >
Personally, I would nat as close to the source as possible. This keeps > the
tables, rules and access-lists off the core equipment and onto the > ce
equipment.> > A default route is the easiest way to go and makes things less >
complicated when you need to troubleshoot a vpn routing issue.> > This is the
way we go with our setup.> > DMT> > Ramya S wrote:> > Hello Tarun,> > > >
Thank you for the reply.> > The method you suggested seems to be the best way.
I think many big sp's use> > what you suggested . If the vpn customers are
using private addresses then we> > can use vrf aware nat. Should we use nat at
the local pe router or at the> > remote internet pe router? Which would be a
better way to accomplish?> > > > Thanks,> > Ramya Sen> > > > > > > >> Date:
Sat, 16 Jun 2007 04:19:27 +0530> From: pahujat@gmail.com> To:> >
ramya_1975@hotmail.com> Subject: Re: Internet access for MPLS VPN customers>>
> CC: ccielab@groupstudy.com> > Ramya,> The most common way to provide
Internet> > access to VPN> customers that I have seen is by providing them
with a default> > route. The> VPN provider implements an Internet Vrf where it
receives all the> > routes> from the Internet. This vrf also contains a
default route generated by> > the> internet gateway. Customer Vrfs import this
default default and export> > their> network routes to the Internet vrf for
network reachability.> > CCO> > mentions about some other ways of providing
Internet connectivity to>> > customers, the following examples talks about
using global routing table to>> > provide Internet connectivity.> >> >
http://www.cisco.com/warp/public/105/internet_access_mpls_vpn.html> > HTH,>> >
Tarun Pahuja> CCIE#7707(R&S,Security,SP,Voice,Storage),CCSI> >> >

• Next message: Guyler, Rik: "RE: RE: RE : Attack by Proctor"
• Previous message: cisco efiko: "Re: RE: RE : Attack by Proctor"
• Maybe in reply to: Ramya S: "Internet access for MPLS VPN customers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:49 ART