Hi Just continuing on my journey for multiple VRF. I have segregated of an interface for management. Using routing with vrf = Management and mangle rules to mark all packets / connections with vrf=Management. Caveat is that my default routing table must have a valid route. So when I tested telnet ccr on the management port ip from a box on the same vlan - management, I could see packets coming in and then nothing leaving Add in default route via a cross connect and suddenly packets start to flow back. Note I can send default to blackhole that doesn't work. Now my question is things like logging can I set the source address / interface . will setting the source set the interface ? Will packets pick up the mark if they have that source address - or do I need to add in a mangle that say's any with that source address has the vrf=Management Alex Alex Samad | Network And System Manager | Yieldbroker * +61 2 9994 2893 | ( +61 438 838 143 | * alex.samad@yieldbroker.com<mailto:alex.samad@yieldbroker.com> This email is confidential and intended for the addressee only. If you may have received this email in error please delete it and notify the sender immediately. Recipients should not forward, disclose, distribute or copy this e-mail or any attachments in whole or part without the express permission of the sender. Views expressed in this message are those of the individual sender, except where they are specifically stated to be those of Yieldbroker. Yieldbroker accepts no liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided, unless that information is subsequently confirmed in writing. Yieldbroker can not guarantee the integrity of this communication and shall not be liable for e-mail which may be intercepted, corrupted, lost, spoofed, delayed, incomplete, or virus infected.