Hi, On Wed, 18 Jun 2003, Harald Tveit Alvestrand wrote: > I can think of some possible reasons, not necessarily exclusive > > - this is a bad idea/impossible to do well, so we shouldn't do it
Yes to both. > - some other organization is already doing it, so we shouldn't No idea about that. > - we're too stupid to get it right, so we shouldn't do it Yes. > - the IETF is too large, so we shouldn't be adding more work Yes. > From your message, I can't tell which of those, or of any number of other > possible objections, is the basis of your objection. > > BTW - all these things were already being worked on in PPVPN. Some were > even described in the charter. Fair question, I probably should have included more text in the first place :-). 1. Virtual Private LAN Service. This is Internet-wise ethernet bridging over routing protocols such as BGP, IS-IS, etc; further, this has typically little respect for security implications which are implicit (or even explicit) in LAN networks. So, my main points are: - we must not overload routing protocols and such infrastructure (IMHO, this seems an inevitable path the work would go towards..) - we must not create complexity by deploying ethernet bridging all over the Internet. Our work should be focused on making IP work, not specifying Ethernet-over-IP (or worse, Ethernet-over-IP as a *service*). - it is architecturally wrong: use different subnets, period -- that's what those are meant for in the first place! - the model has significant security modifications. Seems like some operators want to move their frame relay (and what have you) customers to be bridged over IP, instead of fixing their networks. (I'm allowed to say that because I work for an ISP :-). And vendors are desperate to provide to solutions for these "needs". But is this the right approach? I don't think so. 2. Virtual Private Wire Service This is slightly better as you're "only" performing point-to-point communication. Same considerations as above apply, to a slightly lesser extent. Btw. how is this different from currently-specified GRE tunneling? It being made a "service"? 3. IP-only L2 VPNs This seems a subset of case 1), which seems almost reasonable when it's made for point-to-point links. I just don't see why folks would really want anything like this. I can't figure out *one* area of applicability where using layer 3 mechanisms couldn't be made to work around the issue. > --On onsdag, juni 18, 2003 09:27:49 +0300 Pekka Savola <[EMAIL PROTECTED]> > wrote: > > > > > Hi, > > > > I do not think this WG should be chartered. > > > > On Tue, 17 Jun 2003, The IESG wrote: > >> > >> 1. Virtual Private LAN Service (VPLS)--L2 service that emulates LAN > >> across an IP and an MPLS-enabled IP network, allowing standard > >> Ethernet devices communicate with each other as if they were > >> connected to a common LAN segment. > > > > I *definitely* think we should *NOT* be working on this. > > > >> 2. Virtual Private Wire Service (VPWS)--L2 service that provides L2 > >> point-to-point connectivity (e.g. Frame Relay DLCI, ATM VPI/VCI, > >> point-to-point Ethernet) across an IP and an MPLS-enabled IP > >> network. > > > > We shouldn't be working on this. > > > >> 3. IP-only L2 VPNs--L2 service across an IP and an MPLS-enabled > >> IP network, allowing standard IP devices to communicate with each > >> other as if they were connected to a common LAN segment or a > >> point- to-point circuit. > > > > We may have to work on the point-to-point L2 VPN case, but I'd like to > > see alternative approaches to this. > > > > -- > > Pekka Savola "You each name yourselves king, yet the > > Netcore Oy kingdom bleeds." > > Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings > > > > > > _______________________________________________ > > This message was passed through [EMAIL PROTECTED], which > > is a sublist of [EMAIL PROTECTED] Not all messages are passed. Decisions on > > what to pass are made solely by Raffaele D'Albenzio. > > > > -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
