cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Community Live
473
Views
0
Helpful
3
Replies
kossuth78
Beginner

Looking to see if there is any white papers or recommendations on the creation of a out of band management interface

In short looking to manage a WAN 2911 router using one of the three interfaces as a dedicated out of band management interface.  My immediate thought was using a VRF on the management interface and leaving all the routing on the global side of the router which is where it is now.  After doing some looking and reading I saw there were three major camps on this.

1.  Routing is global, management is VRF

2.  Routing is VRF, management is global

3.  Both routing and management are in separate VRFs

There was talks of pros and cons of each but nobody every elaborated.  Is there any best practices white paper on this topic going over the pros and cons of each setup.  Using VRFs for this purpose is alittle new to me so I want to understand this as thoroughly as I can before I fully implement it.  I've done some looking on the web and haven't run across much else than what I mentioned above.  Thanks  

3 REPLIES 3
Seb Rupik
VIP Advisor

Hi there,

Not a whitepaper, but here's a good blog post which gives some good examples and thinking:

https://ltlnetworker.wordpress.com/2015/08/16/management-network-topology-and-asymmetric-routing/

 

cheers,

Seb.

Joseph W. Doherty
Hall of Fame Expert

I don't recall seeing a white paper on the subject, but I thought I would mention, Cisco's later network devices that have VRF capability and a dedicated management interface now appear to have default configs where the management interface is in its own VRF. All other interfaces default to remaining in the global VRF. I.e. such current default configs appear to use your option #1.

As to pros and cons, if you're going to use VRFs to separate your management interface, option #1 would be less configuration than option #3. (Option #2 appears to be a way to "accidentally" drop interfaces into your management network.)

Thanks alot for your help guys.