Folks, I have a number of L3 MPLS VPNs. For example, there is the WiFi management VPN (WiFi management interface). There is th systems VPN where things like RADIUS servers, Databases talk. There is a VPN for LTE OAM. There are alsomseparate VPNs for other LTE functions.
All OK. Then are various sites I have a cluster of ops servers, syslogs, things that go ping, instances of cacti and our various vendors management systems. They all sit behind a firewall. What's the nicest way of allowing the ops servers all talk to each VPN instance? At the moment I just us pretty normal L3VPN techniques so that every VPN sees routes tagged with the ops VPN target community and so that the ops VPN sees all the other VPN routes but the division between VPNs is maintained. Or, would it be nicer to have the firewall have a foot in each VPN, advertise routes to ops systems to each VPN instance and receive routes from all the other VPNs? -- Leigh ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________
