Hi all. R77.30 \ gaia. Distributed environment - 15 sites, each with a CP 4000 appliance cluster.
Each site has a single port MPLS solution which provides any-to-any connectivity to all of our other sites (private), and internet connectivity. In order to accomplish the two separate paths, we have 2 tagged VLANS . Based on destination, our gateway will tag and hand-off to a specific provider gateway. So.. on the VLAN interface for MPLS traffic, i have spoofing set to "internal", and for the internet VLAN, spoofing is set to "external". Everything works great, no problems.
But wait... After doing this for about 7 years, our provider is forcing us into their "newer" solution. They are removing the two VLAN scenario, and will handle all routing based on destination from one gateway. There will be one physical interface to the outside world - private and public, so there would be only one route per gateway, the 0 default. Since there could be public or private source\destinations behind that one physical interface, it seems like i'll have to turn spoofing off for it? Or am i missing something?
thanks
Danny
Bookmarks