Multiple VRFs from provider, IP addressing

Craig Rivenburg crivenburg at gmail.com
Thu Apr 28 05:22:26 UTC 2016


Hi Nanog...looking for some advice.  I have a customer who has a large
network...approximately 130 sites across the US.  Each site is fed via two
providers, via two Separate CE Routers.  It's a  L3-VPN service.  Each
provider currently provides connectivity for 6 VRFs, each over a single
service multiplexed UNI.  Ie...there are 6 dot1q interfaces facing each
provider, each sub-interface is in its own VRF.

The network is going through a redesign, and one of my tasks is to
consolidate and "streamline" IP addressing.

Looking for a sanity check...I have this idea to make every dot1q
sub-interface facing the provider the same point-to-point subnet.
Specifically, facing a single provider, I want to use the same /30 subnet
for all 6 VRFs.  I'd use a separate /30 for each of the CE routers per
site, so I could go from 12 /30s to 2 per site.  I should note, PE-CE
protocol is BGP, and behind the CE routers is a small iBGP network.

I know it's technically possible to configure the OPs this way and under
normal circumstances its fine.  But, in this case, there is a whole lot of
route leaking / cross target exchanges happening between VRFs.  I still
think it's okay...but can anyone think of a a failure mode that I may not
have?  Is what I'm thinking common practice?  Is there a best practice for
this sort of thing?

Thanks!



More information about the NANOG mailing list