nanog mailing list archives

Re: Enterprise network as an ISP with a single huge customer


From: Christopher Morrow <morrowc.lists () gmail com>
Date: Fri, 12 Jun 2015 22:23:53 -0400

On Fri, Jun 12, 2015 at 10:04 PM, Randy Bush <randy () psg com> wrote:
>> it's nice to have the tools to segregate traffic/users/things...
>> mpls/etc is one method to do that... I don't know that many
>> enterprises pursue this path though :( which is sad (I think).
>
> i have seen a lot of this done with firewall devices and vlans.  with
> vlans or mpls, you can make spaghetti without wires, one wheat and one
> semolina.

oh absolutely. you can use many tools to lop off your fingers, my
point was that things like mpls (or vlans) provide a nice other tool
to use along with your firewalls and such.

of course you ought not willy-nilly go crazy with this, but... imagine
if the 'hr department' were in one contiguous 'VRF' which had a
defined set of 2-3 exit points to control access through... while
those willy 'engineers' could be stuck in their own ghetto/VRF and
have a different set of 2-3 exit points to control.

Expand your network over many locations and in large buildings and ...
it can be attractive to run a 2547 network that the company is a
'customer' of, or so I was thinking :)

