I am working on an Apstra deployment with multiple routing zones (each with its own set of vlans) and one of the requirements is to have one single vlan shared among all routing zones. I suggested to create a separate routing zone for this vlan and use the external firewall to police traffic between this VRF and all the other VRFs. However, the customer is reluctant to burden the firewall with all this additional traffic. Can one suggest an alternative design for this specific requirement? May thanks...
------------------------------
Mourad Kaddache
------------------------------