On Fri, 24 Jun 2022 at 10:54, Mark Tinka via juniper-nsp <juniper-nsp@puck.nether.net> wrote:> After failing to get Netscout to natively support IS-IS, we came up with
> a rather convoluted - but elegant - way to transport on-ramp/off-ramp > traffic into and out of our scrubbers. > > Basically, we use lt-* (logical tunnel) interfaces that sit both in the > global table and a VRF. We loop them to each other, and use IS-IS + BGP > + LDP to tunnel traffic natively using MPLS-based LSP's signaled by LDP > (as opposed to GRE), so that traffic an always follow the best IS-IS + > iBGP path, without the hassle of needing to run GRE between routers and > scrubbers. Many ways to skin the cat. If you can dedicate small router to the scrubber (or routing-instance if you can't) and you run BGP-LU, so you avoid useless egress IP lookup, you just ensure that the scrubber PE or scrubber instance doesn't have the more specific routes, then it'll follow the BGP-LU path to egress CE. You can scrub any and all prefixes, without any scale implications as you never need to touch the network to handle clean traffic. -- ++ytti _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp