VRF and Routing Policies for SampleNet Internet Access

The SampleNet central site, which provides Internet access for members of the Snet_Customer VPN, will belong to the VPN defined as Snet_Internet. This central site is the same site that is currently used as the hub in the GRE tunneling solution.

The route target attribute assigned to Snet_Internet has a value of 1234:17. This route target must be exported from the Snet_Internet VRF so that all members of the Snet_Customer VPN can import it into their VRF so that Internet connectivity is provided throughout the SampleNet network (for Internet locations that are not directly attached to the TransitNet backbone network). The only route, which is advertised from the Snet_Internet VRF, is the default route, which is learned from the SampleNet central site EIGRP process. This default route will be used by any SampleNet site that does not have a more specific route within its routing table. Internet access will not be provided for SampleNet customers via the external BGP peering point in the TransitNet London POP.

The link between the Snet_Internet PE-router (Manch-PE-1 within the TransitNet backbone) and the SampleNet central site will run RIP Version 2 to exchange internal routing information. This is necessary so that SampleNet customer routes that have been imported into the Snet_Internet VRF can be advertised to the SampleNet main site, and so that the default route can be learned dynamically. The RIP Version 2 routes, which include any routes learned from across the TransitNet MPLS/VPN backbone, will be redistributed into the main SampleNet site EIGRP process at the CE-router within the SampleNet central site. This connectivity is discussed in more detail in the migration strategy section later in this chapter.

The import and export policies used for this VPN can be seen in Table 15-4.

Table 15-4. SampleNet Internet Access VRF Import/Export Policies

VRF Snet_Internet


Import and export

1234:17 (Snet_Default)

Import only

1234:16 (Snet_Customer)

    Part 2: MPLS-based Virtual Private Networks