The MPLS-OPS Archive

Cell Relay Retreat>MPLS-OPS Archive>month:2001-Dec> msg00036



[Date Prev][Date Next][Thread Prev][Thread Next]  
  [Date Index][Thread Index][Author Index][Subject Index]

Re: Fwd: FW: How to Differentiate Traffic ?

  • From: krishnak@sify.com
  • Date: Sat, 08 Dec 2001 14:35:05 +0500 (IST)
  • Cc: krishnak@sify.com, ccasey@bigfoot.com, "Chris C.," <theguber@hotmail.com>, mpls-ops@mplsrc.com
  • Resent-Date: Sat, 8 Dec 2001 05:49:49 -0500
  • To: raszuk@cisco.com, Robert Raszuk <raszuk@cisco.com>

Thanks to all,

I am able to make this VPN-nonVPN traffic work. Thanks for all those who sent suggestions.

Reg,
KK

 Robert Raszuk <raszuk@cisco.com>:

> KK,
> 
> > I wish there could be a way you can control the traffic on the
> physical interface of PE itself. Along with the command "ip vrf
> forwarding VPN1", some ACL, or route-map or some thing could have been
> provided.
> 
> Ok since you said it let me bring one way of doing it :). Yes we still
> don't support regular PBR in the vrf. On the other hand without
> touching
> CE you may configure a static route for any dst back to some other
> logical interface out of given vrf. That other logical interface may go
> to other vrf or to a global table of your PE. I believe that would
> solve
> your question as well as Chris need. 
> 
> Of course you need to also let the global RIB know about dst behind the
> vrf. For now in cisco the only way to do it via static but we have in
> our developemnt queue the way to make this vrf2global learning dynamic.
> 
> R.
> 
> > krishnak@sify.com wrote:
> > 
> > Hi Robert,
> > 
> > I agree with Chris in this case, with MPLS, what customer sees is a
> low end very simple CPE router. As a service provider, we too don't want
> much complexity and control on customer end routers. Also, there could
> be cases, where cusotmer end router does not support FR, or tunnel or
> what ever. (As far as I know, GRE tunnel on Cisco is not compatible with
> other vendor routers).
> > 
> > I wish there could be a way you can control the traffic on the
> physical interface of PE itself. Along with the command "ip vrf
> forwarding VPN1", some ACL, or route-map or some thing could have been
> provided.
> > 
> > Regards,
> > KK
> > 
> >  "Chris C.," <theguber@hotmail.com>:
> > 
> > > Robert,
> > >
> > > Let me clarify a little. This is for a service Providers network.
> Let me
> > >
> > > make some comments below:
> > >
> > >
> > >
> > > > >
> > > > > 1. You have a CPE that does not support this? Like a DSL Bridge
> as
> > > an
> > > > > example.
> > > >
> > > >I am surprise that you would connect DSL bridge directly into the
> PE.
> > > >Usually it goes to NAS then via some L2 encapsulation (for example
> > > l2tp)
> > > >to PEs.
> > > >
> > >
> > > Chris>> Need cheap CPE devices. The above was just one example. DSL
> > > bridge
> > > through a DSLAM using a Bridge Group at the PE with DHCP for IP
> > > Addressing
> > > so that telecommuters for an enterprise can get the same IP address
> > > wherther
> > > they are at work or at home or a SOHO office. IE: The DHCP server
> for
> > > that
> > > particular user is the actual enterprises Server
> > >
> > > > > 2. You do not have a CPE. EG: Ethernet port off a L2 LAN Switch
> in a
> > > MTU
> > > > > model.
> > > >
> > > >Well most ethernet switches support VLANs. That's all what you
> need.
> > > >Also linux supports both GRE and vlans so you can easily use this
> as
> > > >solution as well.
> > >
> > > Chris>> Does not seem practical. Are you saying put a LINUX WS at
> each
> > > site?
> > > That eliminates the cost advantage of using Ethernet then doesn't
> it??
> > > Also
> > > in the VLAN scenario would that not mean the clients Internet
> traffic
> > > could
> > > route back to the VPN path? (Note: If the client did nothing about
> it
> > > and
> > > was outsourcing the service to us the SP)
> > >
> > >
> > >
> > > _________________________________________________________________
> > > Get your FREE download of MSN Explorer at
> > > http://explorer.msn.com/intl.asp
> > >
> > > -------
> > > The MPLS-OPS Mailing List
> > > Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
> > > Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
> > >
> > 
> > -------------------------------------------------
> > This mail helped a tree grow. Know more at http://green.sify.com
> > 
> > Want to win a PC or Palm Tops or Digital Diaries or T-Shirts?
> > Click here http://promos.sify.com/niit/main.asp?mail
> 

-------------------------------------------------
This mail helped a tree grow. Know more at http://green.sify.com

Want to win a PC or Palm Tops or Digital Diaries or T-Shirts?
Click here http://promos.sify.com/niit/main.asp?mail

-------
The MPLS-OPS Mailing List
Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
Archive: http://www.mplsrc.com/mpls-ops_archive.shtml