Internet Access in MPLS

Hi Brian ,

 

Can u please explain me in detail the Internet access and its all types used under MPLS VPN and when to use which option ????

 

it will be a great help

 

Thanks

Rajiv

Comments

  • <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">





    Hi Rajiv,



        Do you have the CCIE SP Class-on-Demand?  It's a little involved to
    explain all options in an email, because there is about a 4 hour
    section on just MPLS VPN Internet Access in the Class-on-Demand :)



    Brian McGahan, CCIE #8593
    (R&S/SP/Security)

    [email protected]



    Internetwork Expert, Inc.

    http://www.InternetworkExpert.com

    Toll Free: 877-224-8987 x 705

    Outside US: 775-826-4344 x 705

    Online Community: http://www.IEOC.com

    CCIE Blog: http://blog.internetworkexpert.com






    Rajiv wrote:

    Hi Brian ,

     

    Can u please explain me in detail the Internet access and its all
    types used under MPLS VPN and when to use which option ????

     

    it will be a great help

     

    Thanks

    Rajiv







    Internetwork Expert - The Industry Leader in CCIE Preparation

    http://www.internetworkexpert.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx

  • We have a few options:

    - dedicated VRF "Internet" + standard RT import/export

    - VRF static route (default) to global table

    - global table to VRF leaking (GRE)

    Obviously if we don't have public addresses in our VRF we have to consider NAT as an option.

  •  

    Hi Brian,

    i went through the COD, and explanation was fantastic

    but still i am thinking of option in which i dont want to do VRF NAT i mean what if i have a public pool

    then in that case how do i leak the VRF routes in global routing table ??

    Rajiv

  • <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">





    If the VPN customer has public addressing then you just need to
    advertise the address space into the global routing table with a static
    route on the PE.  The static VRF route to 0.0.0.0/0 points to the
    internet gateway but uses the "global" keyword at the end to tell the
    PE router to do the lookup in the global table vs the VRF table. 
    Here's a link on it:
    http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00801445fb.shtml



    HTH,



    Brian McGahan, CCIE #8593 (R&S/SP/Security)

    [email protected]

     

    Internetwork Expert, Inc.

    http://www.InternetworkExpert.com

    Toll Free: 877-224-8987 x 705

    Outside US: 775-826-4344 x 705

    Online Community: http://www.IEOC.com

    CCIE Blog: http://blog.internetworkexpert.com






    Rajiv wrote:

     

    Hi Brian,

    i went through the COD, and explanation was fantastic

    but still i am thinking of option in which i dont want to do VRF
    NAT i mean what if i have a public pool

    then in that case how do i leak the VRF routes in global routing
    table ??

    Rajiv







    Internetwork Expert - The Industry Leader in CCIE Preparation

    http://www.internetworkexpert.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx

  • Has anyone got any literature on implementing Internet Access with NAT in a MPLS VPN environment?

    I work for a Service Provider and we have MPLS VPN customers all using private IP addresses. At the moment all customers have a central site and access the Internet through their central site. We are looking at offering a Managed Internet Gateway solution for customers where they do not have to go through the Central Site for their internet access and can go via the Managed Internet Gateway that we provide.

    I haven't been able to find much literature for this sort of set up although  I'm sure it's a pretty common set up amongst Service Providers.

     

Sign In or Register to comment.