Hi William,
The Route distinguisher is the VPN instance identifier correct?
Incorrect. The only function of RD is to make the routes unique. It has
no meaning beyond it.
The reason is that between VPNs you may have overlapping address space
and if so vpnv4 would get mixed up in the Service Provider core.
So it is unique per VPN in the network.
It can be unique per VPN (same RD case for given VPN on each PE), but it
can also be unique per VPN per VRF resulting in a given VPN carrying as
many RDs as VRFs it has it's sites attached to.
And the route target/vrf target is a value that you can assign to
prefixes when advertised from local PE router to limit which remote PE
routers in the VPN will accept the prefixes?
It does limit not only which remote PE routers get such prefixes (only
in the case where you use rt-constrain), but above all it is crucial to
decide which remote virtual routing and forwarding instances will import
such prefix.
RTs build a VPNs not RDs.
(Because PEs also do automatic inbound filtering based on their own RTs
regardless of rt-constrain being used or not it may seems just like you
have observed that RT limit which routers take which vpnv4 prefixes. But
this is just an optimization :).
Cheers,
R.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
