Internet access using VRF aware NAT

devang patel devangnp at gmail.com
Thu Feb 26 18:38:18 CST 2009


Hello,

Have one question about VRF aware NAT for internet access! If we will enable
the VRF aware NAT on local PE to have an internet access via central
Internet PE then we will not have connectivity to any other VPN site as all
local CE prefixes will be translated to the loopback IP address of the local
PE.

We can have route map which will match the ACL for specific CE source to
specific VPN destination with deny key word and it will prevent the NAT when
CE will try to communicate with other CE of same VPN or different VPN. That
looks longer configuration in real world right! so is that the only way I
have when I will have only one option to configure the locap PE with VRF
aware NAT to gain internet access?
I need to know what is the implement in real world? How service provider
networks are providing internet access with MPLS VPN option? I know about
customer is getting VPN connectivity on one router and service provider will
give other internet connectivity link which might be terminating on same
router or other router.  I just want to know which is mostly used option as
far as the internet access service with MPLS VPN services!

thanks,
Devang Patel



More information about the NANOG mailing list