It is accomplished using many VRFs on (2) Cisco 1841s. For those less technical, VRFs are essentially private routing tables similar to a VPN. When a packet destined to 220.127.116.11 (AKA obiwan.scrye.net) hits my main gateway, I forward it on to the first VRF on the “ASIDE” router on 18.104.22.168. That router then has a specific route for 22.214.171.124 to 126.96.36.199, which resides on a different VRF on the “BSIDE” router. It then has a similar setup which points it at 188.8.131.52, which lives in another VPN on the “ASIDE” router. All packets are returned using a default route pointing at the global routing table. This was by design so the packets' TTL expiration did not have to return fully through the VRF maze.