•No IP path between T-PE and S-PE (MS-PW) or T-PE and
T-PE (SS-PW).
–Disabling IP on the T-PE and S-PE interface removes
vulnerabilities and requirements
to secure at Layer 3.
•
•Static
LSP and PW provisioning for any segments.
–Static
labels, associations and options.
–Ability to disable all control plane protocols between
T-PE and S-PE (MS-PW) or T-PE and
T-PE (SS-PW).
–In
FP all non interface associated labels received must be dropped.
–Static
definition of primary and backup LSPs and PWs.
–Disabling control plane in MS-PW case will allow for
better ability to secure core
domain control plane.
•
•Static
OAM provisioning of sessions and capabilities
–Removing requirement for dynamic control plane for
transport to setup OAM sessions
and negotiate capabilities.