--- Begin Message ---> Dear Colleagues, > > If a customer's several sites are connected to the same PE router, > but to different interfaces, which is the recommended practice, > assuming that all these sites must be reachable from one another: > > 1. Place all the interfaces into the same VRF. > > 2. Place each site into a separate VRF and set up route import/export > between the VRFs. > > Thanks in advance for any input.It all depends on your VPN routing policy. If you want all sites to freely communicate between each other, put all of them into the same VRF. If you need to restrict communication (like forcing traffic to a central site/hub), use different VRFs with an appropriate import/export policy. Using different VRFs with an unrestricted import/export policy is IMHO a waste of resources, but your mileage might vary. oli
--- End Message ---
_______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
