Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
449
Views
5
Helpful
2
Replies

MPLS-VPN CE to CE separation

talmadari
Level 1
Level 1

‎02-27-2012 01:50 AM - edited ‎03-04-2019 03:26 PM

Hi Pros,

I'm looking for a way to separate 2 or more CE's for reaching each other on the same VRF,

For example if I have a customer VRF (MPLS-VPN L3) which configured with default route to the Internet and many branch offices which are connected to, now the customer wants that each branch could reach the Internet but not to talk with other branches.

thanks ahead,

Talm

Labels:
0 Helpful
2 Replies 2

rsimoni
Cisco Employee
Cisco Employee

‎02-27-2012 02:42 AM

Hi Talm,

you'd better make the needed changes on the PEs (major re-configuration is needed).

I.e. you create a new VRF for the users which should not connect to other branches while you leave the any-to-any sites in the existing vrf.

Then you play with  RT's import/export maps to achieve your goal.

Or you can apply ACLs on the CEs, but that it is not a great idea as it goes against the main idea of MPLS VPNs.

Riccardo

talmadari
Level 1
Level 1
In response to rsimoni

‎02-27-2012 04:04 AM

Hi Riccardo,

thank you for your replay but if i understand you correct, in this scenario, I will need a VRF for each branch.

BR,

talm

0 Helpful
Customers Also Viewed These Support Documents