The MPLS-OPS Archive

Cell Relay Retreat>MPLS-OPS Archive>month:2005-Feb> msg00049



[Date Prev][Date Next][Thread Prev][Thread Next]  
  [Date Index][Thread Index][Author Index][Subject Index]

RE: Interconnecting MPLS networks

  • From: "McCallum, Robert" <robert.mccallum@thus.net>
  • Date: Wed, 23 Feb 2005 16:38:43 -0000
  • Resent-Date: Wed, 23 Feb 2005 12:26:49 -0500
  • X-Scanned-By: MIMEDefang 2.45

the simple fact that you are leaking your network routes to someone else is
a MAJOR gripe of security.  Between that and sorting RDs out - why bother.
Just peer between the ASBRs and that's you sorted.

Robert McCallum 
CCIE #8757 R&S
01415663448
07818002241 

> -----Original Message-----
> From: McCoy, Chris [mailto:Chris.McCoy@spirentcom.com] 
> Sent: 23 February 2005 16:33
> To: McCallum, Robert; 'Ramanna, Prakash'; 'mpls-ops@mplsrc.com'
> Subject: RE: [MPLS-OPS]: Interconnecting MPLS networks
> 
> 
> Robert,
> 
>   Could you tell us why you don't like this method of 
> peering?  Aside from having to turn off next-hop-self and 
> injecting a /32 into your neighbor's AS for each PE you wish 
> to support, I don't see the security problem right off hand.  
> You could still run MD5 authentication across the MP-eBGP 
> session. Could you enlighten me?
> 
> Thanks,
> Chris M.
> 
> -----Original Message-----
> From: McCallum, Robert [mailto:robert.mccallum@thus.net] 
> Sent: Wednesday, February 23, 2005 8:30 AM
> To: 'Ramanna, Prakash'; mpls-ops@mplsrc.com
> Subject: RE: [MPLS-OPS]: Interconnecting MPLS networks
> 
> 
> in my experience I opt for the ASBR --.  ASBR connection.  
> Doing the RR connection opens up too much of a security 
> headache for me.
> 
> Robert McCallum 
> CCIE #8757 R&S
> 
> 
> > -----Original Message-----
> > From: Ramanna, Prakash [mailto:Prakash.Ramanna@team.telstra.com]
> > Sent: 14 February 2005 06:02
> > To: mpls-ops@mplsrc.com
> > Subject: [MPLS-OPS]: Interconnecting MPLS networks
> > 
> > 
> > 
> > Hi ,
> > 
> >          Does anyone in the group have experience in 
> interconnecting 
> > MPLS networks ? Can they give some ideas or lead on this topic?
> > 
> > One idea I have is to interconnect Route-reflectors between 
> the 2 MPLS 
> > networks. These RR will work as ASBR and peer with each other via 
> > eBGP.
> > 
> > 
> > 
> > Cheers !!
> > 
> > 
> > Prakash
> > 
> > 
> > 
> > 
> > 
> > -------
> > The MPLS-OPS Mailing List
> > Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
> > Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
> > 
> 
> -------
> The MPLS-OPS Mailing List
> Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
> Archive: http://www.mplsrc.com/mpls-ops_archive.shtml
> 

-------
The MPLS-OPS Mailing List
Subscribe/Unsubscribe:  http://www.mplsrc.com/mplsops.shtml
Archive: http://www.mplsrc.com/mpls-ops_archive.shtml