It is accomplished using many vrfs on (2) Cisco 1841s. For those less technical, VRFs are essentially private routing tables similar to a VPN. When a packet destined to 22.214.171.124 (AKA obiwan.scrye.net) hits my main gateway, I forward it onto the first VRF on the “ASIDE” router on 126.96.36.199. That router then has a specific route for 188.8.131.52 to 184.108.40.206, which resides on a different VRF on the “BSIDE” router. It then has a similar set up which points it at 220.127.116.11 which lives in another VPN on “ASIDE” router. All packets are returned using a default route pointing at the global routing table. This was by design so the packets TTL expiration did not have to return fully through the VRF Maze.
« Older He's just a tramp-sama abroad. | Respect must be paid Newer »
This thread has been archived and is closed to new comments