| < draft-muthukrishnan-mpls-corevpn-arch-02.txt | draft-muthukrishnan-mpls-corevpn-arch-03.txt > | |||
|---|---|---|---|---|
| Internet Engineering Task Force Karthik Muthukrishnan | Internet Engineering Task Force Karthik Muthukrishnan | |||
| INTERNET-DRAFT Andrew Malis | INTERNET-DRAFT Andrew Malis | |||
| Expires November 1, 2000 Lucent Technologies | Expires December 22, 2000 Lucent Technologies | |||
| <draft-muthukrishnan-mpls-corevpn-arch-02.txt> May 1, 2000 | <draft-muthukrishnan-mpls-corevpn-arch-03.txt> June 22, 2000 | |||
| A Core MPLS IP VPN Architecture | A Core MPLS IP VPN Architecture | |||
| 1. Status of this Memo | 1. Status of this Memo | |||
| This document is an Internet-Draft and is in full conformance with | This document is an Internet-Draft and is in full conformance with | |||
| all provisions of Section 10 of RFC2026. | all provisions of Section 10 of RFC2026. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| other groups may also distribute working documents as Internet- | other groups may also distribute working documents as Internet- | |||
| Drafts. | Drafts. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet- Drafts as reference | time. It is inappropriate to use Internet- Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This draft is not a product of any working group and was written and | ||||
| presented to the IETF well before the formation of any working group | ||||
| related to Core VPNs. | ||||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt | http://www.ietf.org/ietf/1id-abstracts.txt | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| 2. Acronyms | 2. Acronyms | |||
| ARP Address Resolution Protocol | ARP Address Resolution Protocol | |||
| CE Customer Edge router | CE Customer Edge router | |||
| skipping to change at page 11, line 40 ¶ | skipping to change at page 11, line 40 ¶ | |||
| Configuring private LSPs for VPNs allows the SP to offer | Configuring private LSPs for VPNs allows the SP to offer | |||
| differentiated services to paying customers. These private LSPs could | differentiated services to paying customers. These private LSPs could | |||
| be associated with any available L2 QOS class or Diff-Serv | be associated with any available L2 QOS class or Diff-Serv | |||
| codepoints. In a VPN, multiple private LSPs with different service | codepoints. In a VPN, multiple private LSPs with different service | |||
| classes could be configured with flow profiles for sorting the | classes could be configured with flow profiles for sorting the | |||
| packets among the LSPs. This feature, together with the ability to | packets among the LSPs. This feature, together with the ability to | |||
| size the virtual routers, allows the SP to offer truly differentiated | size the virtual routers, allows the SP to offer truly differentiated | |||
| services to the VPN customer. | services to the VPN customer. | |||
| 14. Virtual Router Security Considerations | 14. Security Considerations | |||
| 14.1 Routing Security | 14.1 Routing Security | |||
| The use of standard routing protocols such as OSPF and BGP in their | The use of standard routing protocols such as OSPF and BGP in their | |||
| unmodified form means that all the encryption and security methods | unmodified form means that all the encryption and security methods | |||
| (such as MD5 authentication of neighbors) are fully available in VRs. | (such as MD5 authentication of neighbors) are fully available in VRs. | |||
| Making sure that routes are not accidentally leaked from one VPN to | Making sure that routes are not accidentally leaked from one VPN to | |||
| another is an implementation issue. One way to achieve this is to | another is an implementation issue. One way to achieve this is to | |||
| maintain separate routing and forwarding databases. | maintain separate routing and forwarding databases. | |||
| End of changes. 3 change blocks. | ||||
| 3 lines changed or deleted | 7 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||