Hi!
Pros: Security. You can make device management based on private addresses like 10./172. So no one ever can get remote access to your routers from internet. Cons: Memory consuption on routers. Each full view will consume more router's ram that usual. A bit more annoying troubleshoot - you need to type ping vrf, trace vrf and so on Works well on NPE-G1, IOS bases GSR's Mark Tech wrote: > Hi > We area going to deploy a new MPLS network which will be used for Internet > customers and IP/VPN customers. I understand that there are two options with > running these networks: > 1. Run the internet natively across all boxes and secure them down against > DoS attacks etc > 2. Create an Internet VRF whereby all internet traffic is simply seen as a > large IPVPN network, thereby utilising some of the inherent security factors > associated with IPVPNS > My question is whether anyone has other pros and cons from real life > experience, associated with the two options previously stated. > I would like to add that the platforms will be provisionally Cisco 6500s with > SUP720s (edge) and Cisco XR 12406's (core) > Regards > Mark > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
