Re: L3 VPN Management

[Jeff Wheeler <jsw () inconcepts biz>]

On Wed, Mar 7, 2012 at 2:07 AM, Leigh Porter
<leigh.porter () ukbroadband com> wrote:
> What's the nicest way of allowing the ops servers all talk to each VPN instance? At the moment I just us pretty 
> normal L3VPN techniques so that every VPN sees routes tagged with the ops VPN target community and so that the ops 
> VPN sees all the other VPN routes but the division between VPNs is maintained.
>
> Or, would it be nicer to have the firewall have a foot in each VPN, advertise routes to ops systems to each VPN 
> instance and receive routes from all the other VPNs?

I think you may pay more money for extra firewall zones and perhaps
not receive any benefit from it.

-- 
Jeff S Wheeler <jsw () inconcepts biz>
Sr Network Operator  /  Innovative Network Concepts