From: Ronnie Angello (ronnie.angello@gmail.com)
Date: Tue Feb 10 2009 - 19:37:29 ARST
I understand your concerns there. Look into DMVPN and GET VPN. MPLS
VPN is great but should not be considered a secure medium in my
opinion. You are trusting the provider with your routing information.
What's preventing them from making a mistake and dropping another
customer site into your VRF?
On Tue, Feb 10, 2009 at 3:44 PM, voice guru <guru.voice@gmail.com> wrote:
> Hi Experts,
>
> Well if we have 50 sites connected over MPLS cloud of Telco and have full
> mesh connectivity, we could redistribute our internal routing protocol into
> BGP of SP and have full mesh connectivity between the sites. But if we have
> to achieve fullmesh connectivity with out redistributing internal routing
> protocol into BGP or lets say we want to hide the internal IP domain from
> Telco/SP but still have fullmesh connectivity.
>
> I see it tunneling internal traffic over MPLS network by sharing just one ip
> subnet, but how about creating 50 tunnel interface on each router and think
> about 50 OSPF neighbors if we are running ospf internally, I am sure there
> will be more better options doing it such as NHRP etc..
>
> do some of you experts have done similar excercise then please do share, or
> provide your advises and Ideas.
>
> Thanks in advance,
> Guru
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- Ronald Angello CCIE #17846Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST