(For the basics on PBR and VRF , please refer the other posts in the same blog.)
Most of the times , it seems PBR will work and there is no need to create VRF instances on a router.Well, what VRF gives you is completely de-coupled routing tables between interfaces. So for one ingress interface into the router, you use routing table A, and for another ingress interface, routing table B.
All interfaces belong to *one* VRF only, so if you want to share an interface between traffic of "sort A" and "sort B", things with VRFs get tricky. You can do this with VRF select ("match an access-list, and depending on the result, go to VRF routing table A or B or C..."), but that's a lot of configuration stuff if all you need to do is sort incoming traffic on one interface.
PBR will give you a lever to sort incoming traffic according to some rules you define in a route-map, bypassing(!) normal routing tables. PBR is more powerful than VRFs, if the point is "sorting traffic coming in on *one* interface", but if you need to scale this to dozens of routers, and hundreds of interfaces, PBR will just be too complex to get right.
All interfaces belong to *one* VRF only, so if you want to share an interface between traffic of "sort A" and "sort B", things with VRFs get tricky. You can do this with VRF select ("match an access-list, and depending on the result, go to VRF routing table A or B or C..."), but that's a lot of configuration stuff if all you need to do is sort incoming traffic on one interface.
PBR will give you a lever to sort incoming traffic according to some rules you define in a route-map, bypassing(!) normal routing tables. PBR is more powerful than VRFs, if the point is "sorting traffic coming in on *one* interface", but if you need to scale this to dozens of routers, and hundreds of interfaces, PBR will just be too complex to get right.
No comments:
Post a Comment