Closed marcartz closed 1 year ago
When using VRFs to enforce security zones
This is not the purpose of VRFs. Each VRF represents a discrete routing table. I'd suggest using tags, custom fields, or a plugin to effect the association of prefixes to security zones, as doing so is wholly independent from VRF assignment.
I'm trying to propose a feature that would make Netbox even more helpful to us any many others as I'm confident (as I've tried to explain this design is very common with various large network vendors). This feature would only affect the display of prefixes and would not require any changes to the data model. What criteria would this feature request have to fulfil to make you consider it?
NetBox version
v3.5.1
Feature type
Change to existing functionality
Proposed functionality
New prefix view: Please provide a flag to configure a prefix display view in a way that child prefixes are included purely based on their address, ignoring their VRF membership.
Use case
When using VRFs to enforce security zones, as common in many Cisco designs, children prefixes of a given supernet may belong to different VRFs. A central routing instance interconnects all VRFs in a single shared routing table (Fusion Router). While Prefixes are technically unique to a given VRF in this scenario some coordination (uniqueness) of networks across VRFs is still required.
Database changes
No response
External dependencies
No response