Re: OT - vrf through asa

http://www.quickmeme.com/meme/3t33zq/ ;-)

-- 
Brian Dennis, CCIEx5 #2210 (R&S/ISP-Dial/Security/SP/Voice)
bdennis_at_ine.com
INE, Inc.
http://www.INE.com
On 2/21/13 8:47 AM, "Ronnie Angello" <ronnie.angello_at_gmail.com> wrote:
>Nice number ;)
>
>On Thu, Feb 21, 2013 at 11:33 AM, Brian McGahan <bmcgahan_at_ine.com> wrote:
>
>> Why does it need to be routed?
>>
>>
>> Brian McGahan, CCIE #8593 (R&S/SP/Security), CCDE 2013::13
>> bmcgahan_at_INE.com
>>
>> Internetwork Expert, Inc.
>> http://www.INE.com
>>
>> On Feb 21, 2013, at 7:59 AM, "Tony Singh" <mothafungla_at_gmail.com> wrote:
>>
>> > Gilles
>> >
>> > Thought so cheers will check it out...
>> >
>> > If we do have contexts still the ASA has only max 2 ospf processes,
>>not
>> > scalable in that regard...?
>> >
>> > Ryan - need to have it routed bro
>> >
>> >
>> > On 21 February 2013 13:40, Gilles Fabre <fabre.gilles_at_voila.fr> wrote:
>> >
>> >>
>> >> If I remember well, dynamic rouiting support in multi-context was one
>> >> major enhancement of 9.0 version
>> >> ASA.8.x supported only static routing when configured with contexts
>> >>
>> >> RD/RT won't be transmitted except you use MP-BGP
>> >> Contexts only allow segmentation of security domlains in relation
>>with
>> VRF
>> >> routing domains (more to be used with VRF-lite setups in my mind)
>> >>
>> >>
>> >>
>> >>
>> >>> Message du 21/02/13 ` 14h31
>> >>> De : "Tony Singh"
>> >>> A : "Carlos G Mendioroz"
>> >>> Copie ` : "Cisco certification"
>> >>> Objet : Re: OT - vrf through asa
>> >>>
>> >>> Hi Carlos
>> >>>
>> >>> The thought did cross my mind, im sure I did see something about
>> dynamic
>> >>> routing being supported in multi-context mode, I may have been
>>dreaming
>> >>> however as can't find nothing on this...
>> >>>
>> >>> It might not be required depending on the way you set the context's
>>up,
>> >>> will check Brian's video again..
>> >>>
>> >>> Question in vrf-lite how does the RD/RT get exported? is it within
>>the
>> >> ospf
>> >>> multicast dbd? I know with MPBGP it is transported in the extended
>> >>> communities value packet, confused on this bit..and would the ASA
>> ignore
>> >>> the RD/RT but look at the source/dest ipv4 addr
>> >>>
>> >>> Thanks bro!
>> >>>
>> >>> Tony
>> >>>
>> >>>
>> >>> On 21 February 2013 12:34, Carlos G Mendioroz  wrote:
>> >>>
>> >>>> You may try 2 contexts, and have different routing domains
>> >>>> (inbound/outbound) in each ?
>> >>>> -Carlos
>> >>>>
>> >>>> Tony Singh @ 21/02/2013 09:29 -0300 dixit:
>> >>>>
>> >>>>> can get this working from PE > CE > Switch > trunk > trunk >
>>Switch >
>> >> CE >
>> >>>>> PE
>> >>>>>
>> >>>>> any solution available going through ASA say if I wanted to do IPS
>> >> DPI and
>> >>>>> other
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> On 21 February 2013 12:02, Tony Singh  wrote:
>> >>>>>
>> >>>>>
>> >>>>>> Hi
>> >>>>>>
>> >>>>>> I know ASA's are not vrf aware unless latest code supports
>>this...
>> >>>>>>
>> >>>>>> I have customer routing tables separated by vrf's CE to PE is
>>MPBGP,
>> >> and
>> >>>>>> IGP is OSPF vrf-lite on CE's
>> >>>>>>
>> >>>>>> Is there anyway to get the customer traffic through the ASA's
>> >>>>>> dynamically,
>> >>>>>> max OSPF processes the ASA's support is 2
>> >>>>>>
>> >>>>>> Is their any benefit in passing this traffic through the ASA's
>> >>>>>>
>> >>>>>> what would you guys do?
>> >>>>>>
>> >>>>>> Topology
>> >>>>>>
>> >>>>>> Site 1 PE > CE > ASA > Switch > trunk > trunk > Switch > ASA >
>>CE >
>> >> PE
>> >>>>>> Site 2
>> >>>>>>
>> >>>>>> Thanks in advance
>> >>>>>>
>> >>>>>> Tony
>> >>>>>>
>> >>>>>
>> >>>>>
>> >>>>> Blogs and organic groups at http://www.ccie.net
>> >>>>>
>> >>>>> ______________________________**______________________________**
>> >>>>> ___________
>> >>>>> Subscription information may be found at:
>> >>>>> http://www.groupstudy.com/**list/CCIELab.html
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>> --
>> >>>> Carlos G Mendioroz  LW7 EQI Argentina
>> >>>
>> >>>
>> >>> Blogs and organic groups at http://www.ccie.net
>> >>>
>> >>> 
>>_______________________________________________________________________
>> >>> Subscription information may be found at:
>> >>> http://www.groupstudy.com/list/CCIELab.html
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>
>> >> ___________________________________________________________
>> >> Qu'y a-t-il ce soir ` la tili ? D'un coup d' il, visualisez le
>>programme
>> >> sur Voila.fr http://tv.voila.fr/programmes/chaines-tnt/ce-soir.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > 
>>_______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
>Blogs and organic groups at http://www.ccie.net
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net