Why does it need to be routed?
Brian McGahan, CCIE #8593 (R&S/SP/Security), CCDE 2013::13
bmcgahan_at_INE.com
Internetwork Expert, Inc.
http://www.INE.com
On Feb 21, 2013, at 7:59 AM, "Tony Singh" <mothafungla_at_gmail.com> wrote:
> Gilles
>
> Thought so cheers will check it out...
>
> If we do have contexts still the ASA has only max 2 ospf processes, not
> scalable in that regard...?
>
> Ryan - need to have it routed bro
>
>
> On 21 February 2013 13:40, Gilles Fabre <fabre.gilles_at_voila.fr> wrote:
>
>>
>> If I remember well, dynamic rouiting support in multi-context was one
>> major enhancement of 9.0 version
>> ASA.8.x supported only static routing when configured with contexts
>>
>> RD/RT won't be transmitted except you use MP-BGP
>> Contexts only allow segmentation of security domlains in relation with VRF
>> routing domains (more to be used with VRF-lite setups in my mind)
>>
>>
>>
>>
>>> Message du 21/02/13 ` 14h31
>>> De : "Tony Singh"
>>> A : "Carlos G Mendioroz"
>>> Copie ` : "Cisco certification"
>>> Objet : Re: OT - vrf through asa
>>>
>>> Hi Carlos
>>>
>>> The thought did cross my mind, im sure I did see something about dynamic
>>> routing being supported in multi-context mode, I may have been dreaming
>>> however as can't find nothing on this...
>>>
>>> It might not be required depending on the way you set the context's up,
>>> will check Brian's video again..
>>>
>>> Question in vrf-lite how does the RD/RT get exported? is it within the
>> ospf
>>> multicast dbd? I know with MPBGP it is transported in the extended
>>> communities value packet, confused on this bit..and would the ASA ignore
>>> the RD/RT but look at the source/dest ipv4 addr
>>>
>>> Thanks bro!
>>>
>>> Tony
>>>
>>>
>>> On 21 February 2013 12:34, Carlos G Mendioroz wrote:
>>>
>>>> You may try 2 contexts, and have different routing domains
>>>> (inbound/outbound) in each ?
>>>> -Carlos
>>>>
>>>> Tony Singh @ 21/02/2013 09:29 -0300 dixit:
>>>>
>>>>> can get this working from PE > CE > Switch > trunk > trunk > Switch >
>> CE >
>>>>> PE
>>>>>
>>>>> any solution available going through ASA say if I wanted to do IPS
>> DPI and
>>>>> other
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 21 February 2013 12:02, Tony Singh wrote:
>>>>>
>>>>>
>>>>>> Hi
>>>>>>
>>>>>> I know ASA's are not vrf aware unless latest code supports this...
>>>>>>
>>>>>> I have customer routing tables separated by vrf's CE to PE is MPBGP,
>> and
>>>>>> IGP is OSPF vrf-lite on CE's
>>>>>>
>>>>>> Is there anyway to get the customer traffic through the ASA's
>>>>>> dynamically,
>>>>>> max OSPF processes the ASA's support is 2
>>>>>>
>>>>>> Is their any benefit in passing this traffic through the ASA's
>>>>>>
>>>>>> what would you guys do?
>>>>>>
>>>>>> Topology
>>>>>>
>>>>>> Site 1 PE > CE > ASA > Switch > trunk > trunk > Switch > ASA > CE >
>> PE
>>>>>> Site 2
>>>>>>
>>>>>> Thanks in advance
>>>>>>
>>>>>> Tony
>>>>>>
>>>>>
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> ______________________________**______________________________**
>>>>> ___________
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/**list/CCIELab.html
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>> --
>>>> Carlos G Mendioroz LW7 EQI Argentina
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>> ___________________________________________________________
>> Qu'y a-t-il ce soir ` la tili ? D'un coup d'�il, visualisez le programme
>> sur Voila.fr http://tv.voila.fr/programmes/chaines-tnt/ce-soir.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Feb 21 2013 - 10:33:20 ART