Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
>Also worth looking at is the hardware component: what will run on
>the hardware you've already got (if anything)? IF you already
>have most or all of the hardware pieces to implement Cisco's
>version, then Cisco's probably makes sense. IF you already have
>the requisite Nortel gear (Passports?), you're probably only
>looking at upgrading to a new PCR (software version).

One of the benefits of the solution I'm considering is that we don't have to change much at all on our CPE. Our branch sites would require static routing only, while two or three other sites would need to run OSPF. The OSPF-speaking routers form adjacencies with the Qwest PRN and will dynamically learn the routes to our spoke locations. One operational downside is that in order to add a new subnet at a spoke site I have to call Qwest and have them manually add a static route in the PRN, which will then be redistributed into OSPF.

It seems like a pretty decent solution and it solves all sorts of problems we're having with the frame relay network. A solution like this would allow us to finally move to IP telephony and not run into serious bandwidth constraints and other issues caused by the use of FRTS. It would also allow us to expand the number of sites involved in video conferencing. All of this could occur without experiencing the shaping issues created when you have 3+ PVCs at most locations.

For reference, Qwest is using the BSN-5000 (Shasta) for this service. There are still a few remote sites where we'd connect to some Juniper router but Shasta's do the bulk of the work.

John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73106&t=73048
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
At 5:55 AM + 7/27/03, Nakul Malik wrote:
>Thanks Anlee.
>I used to work for GTL a while back and they told us that passport was at
>heart running on FR. When i say passport, i refer to 6480/7480 etc., not
>8600, which most people, including me still refer to as Accelar.
>I agree with u on the backplane statement though. Everything happens thru
>the backplane.
>
>-Nakul

Do remember FR was invented as a low-speed extension of ATM. There have been relatively few carrier-grade FR switches that aren't internally cell switches. Stratacoms started with a 24-byte proprietary cell in their switching fabrics.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73081&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
Thanks Anlee.
I used to work for GTL a while back and they told us that passport was at heart running on FR. When i say passport, i refer to 6480/7480 etc., not 8600, which most people, including me still refer to as Accelar.
I agree with u on the backplane statement though. Everything happens thru the backplane.

-Nakul

"annlee" wrote in message news:[EMAIL PROTECTED]
> Nakul Malik wrote:
> > passport at heart an ATM switch/
> >
> > Passport is FR.
> >
> > -Nakul
> >
> > "annlee" wrote in message
> > news:[EMAIL PROTECTED]
> >
> >>John Neiberger wrote:
> >>
> >>>I'm just now digging deeper into current VPN technologies since I'm
> >>>researching Qwest's PRN service. I'm awaiting a definitive answer from them
> >>>but it appears that their PRN service is 2764-based, which apparently means
> >>>it does not use MPLS like 2547-based VPNs. I'm curious about the
> >>>implications of choosing one model over the other.
> >>>
> >>>I thought the market trend was toward MPLS-based VPNs but 2764 seems to
> >>>argue against that. What are the implications of choosing one model over the
> >>>other? Are there any major drawbacks to either one that the other
> >>>addresses?
> >>>
> >>>I'm also a little concerned about vendor choices. Nortel seems to be pushing
> >>>2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that
> >>>correct? If so, is that really that important to the customer?
> >>>
> >>>Forgive me if these questions seem pretty vague. I'm still learning about
> >>>the technologies involved and I'm not very familiar with the specifics and
> >>>the terminology.
> >>>
> >>>I'll put in a plug here for Howard's book _Building Service Provider
> >>>Networks_. Among a number of things it discusses some of these VPN
> >>>technologies and has been very helpful the last couple of days during my
> >>>research.
> >>>
> >>>John
> >>
> >>Also worth looking at is the hardware component: what will run on
> >>the hardware you've already got (if anything)? IF you already
> >>have most or all of the hardware pieces to implement Cisco's
> >>version, then Cisco's probably makes sense. IF you already have
> >>the requisite Nortel gear (Passports?), you're probably only
> >>looking at upgrading to a new PCR (software version).
> >>
> >>And there's the training and management aspect -- which suite do
> >>you know better? Where is the rest of your network going--will
> >>money spent learning Passport command line be transferable to
> >>other devices, offering a savings there? My guess is no, but it
> >>could be possible. Finally, what's the underlying architecture --
> >>Passport at its heart is an ATM switch, and Nortel's VPNs using
> >>virtual routers still looks an awful lot like IP over ATM, with
> >>all the overhead in play there. If it's Passport they're pitching
> >>at you, have a good look at the layer 2 technology on switch
> >>egress. What I saw was:
> >>
> >> [data+(local IP hdr)+(carrier IP hdr)+layer2 formatting]
> >>
> >>as it went through the cloud. Potentially, that's a lot of
> >>overhead. If that's not a problem, fine.
> >>
> >>Annlee
>
> The Passport 6000/7000/15000/2000 are all at heart ATM switches.
> The Passport 8600 series is a renamed Accelar (Bay Networks)
> switch. They were going to rename it Optera 8600 during the
> spring of 2002, but then decided to forego that--I never heard why.
>
> The Passport 6-20K series are optimized for ATM. They run
> everything through the backplane, even if it departs the switch
> on a different circuit of the same Function Processor
> (blade)--for instance, traffic comes in on port 3 of an 8p DS1
> and goes out port 6 of the same DS1 FP. It comes in, passes
> through to the backplane, and then back into the FP and egresses.
> Passage out of the FP and through the backplane (which is a bus
> on the 6/7K and a fabric on the 15/20K) requires segmentation
> into what are called Passport cells, of 64K (IIRC), sized to hold
> an internal header and an ATM cell. SAR for this is done on the
> FP, I forget the name of the processors that do it (QBIC, maybe),
> but there's an ingress path on the FP all the way through to the
> backplane and then an egress path from the backplane to the
> egress port. Each path runs through one of the processors.
> Reassembly is performed on egress, if needed, which it isn't for
> ATM.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73077&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
>I'm curious if anyone has talked to their SP and has thought about
>leveraging MPLS carrier's carrier approach? Not sure how many
>SPs, if any, support this currently, but seems to have the
>right scaling properties if you're an ISP. And with the ability
>for eBGP to carry labels for BGP routes (see neighbor send-label),
>the CE-PE protocol remains "vanilla" eBGP, meaning there's no
>need for MP-BGP or LDP. Of course, now you may need to do iBGP
>or confed eBGP over the MPLS cloud, but that could be interpreted
>as a benefit.

L2VPN using Kompella or a bunch of PW's makes a very nice carrier of carriers approach without all the hokey L3 "peering" requirements.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73076&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
dre wrote:
>
> I, personally, do not want to get heavily into it. It's not mature
> technology, and it's all bad, IMO. There are a few solid
> technologies...and they are mostly the ones that were implemented
> first. Sure, MPLS-VPN with 2547 is great, but it scales horribly
> and is difficult to manage. It also is dependent on an MPLS core,
> with no route summarization, full IBGP with MP-BGP, and all the
> rest of the hooks. It uses two (and if you are using MPLS-TE, then
> three) labels to work, so it's big and kludgy. And you add all
> sorts of bugs and overhead to get it working.

I'd be interested in understanding more why and how you think 2547bis does not scale. Are you referring to the number of routes the SP might need to carry or something else? If the former, then I'd agree.

In the SP evals I've done of 2547bis solutions, one typically speaks vanilla eBGP between the CE and PE devices. I guess some SP support IGPs between the CE and PE, but that isn't practical from my perspective. At least from what I've seen, there's no need for iBGP or MP-BGP between the CE and PE devices. Certainly not iBGP. Don't understand the comment about route summarization and how it applies here.

I'm curious if anyone has talked to their SP and has thought about leveraging MPLS carrier's carrier approach? Not sure how many SPs, if any, support this currently, but seems to have the right scaling properties if you're an ISP. And with the ability for eBGP to carry labels for BGP routes (see neighbor send-label), the CE-PE protocol remains "vanilla" eBGP, meaning there's no need for MP-BGP or LDP. Of course, now you may need to do iBGP or confed eBGP over the MPLS cloud, but that could be interpreted as a benefit.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73074&t=73048
RE: RFC 2547 vs. RFC 2764 VPNs [7:73048]
No Passport is Gigabit Ethernet.

Actually, Passport is all of those things. Passport is a generic term that Nortel renamed all of their switches/routers to. The Passport 8600 for instance, which is the only one I'm really familiar with as I don't do ISP/carrier stuff (yet?), is a Gigabit Ethernet switch. It is NOT at its core ATM, nor FR. You have to use a model number to be sure what "Passport" you are talking about...

Fred Reimer - CCNA
Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050

NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer.

-----Original Message-----
From: Nakul Malik [mailto:[EMAIL PROTECTED]
Sent: Saturday, July 26, 2003 10:23 AM
To: [EMAIL PROTECTED]
Subject: Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]

passport at heart an ATM switch/

Passport is FR.

-Nakul

"annlee" wrote in message news:[EMAIL PROTECTED]
> John Neiberger wrote:
>
> > I'm just now digging deeper into current VPN technologies since I'm
> > researching Qwest's PRN service. I'm awaiting a definitive answer from them
> > but it appears that their PRN service is 2764-based, which apparently means
> > it does not use MPLS like 2547-based VPNs. I'm curious about the
> > implications of choosing one model over the other.
> >
> > I thought the market trend was toward MPLS-based VPNs but 2764 seems to
> > argue against that. What are the implications of choosing one model over the
> > other? Are there any major drawbacks to either one that the other
> > addresses?
> >
> > I'm also a little concerned about vendor choices. Nortel seems to be pushing
> > 2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that
> > correct? If so, is that really that important to the customer?
> >
> > Forgive me if these questions seem pretty vague. I'm still learning about
> > the technologies involved and I'm not very familiar with the specifics and
> > the terminology.
> >
> > I'll put in a plug here for Howard's book _Building Service Provider
> > Networks_. Among a number of things it discusses some of these VPN
> > technologies and has been very helpful the last couple of days during my
> > research.
> >
> > John
>
> Also worth looking at is the hardware component: what will run on
> the hardware you've already got (if anything)? IF you already
> have most or all of the hardware pieces to implement Cisco's
> version, then Cisco's probably makes sense. IF you already have
> the requisite Nortel gear (Passports?), you're probably only
> looking at upgrading to a new PCR (software version).
>
> And there's the training and management aspect -- which suite do
> you know better? Where is the rest of your network going--will
> money spent learning Passport command line be transferable to
> other devices, offering a savings there? My guess is no, but it
> could be possible. Finally, what's the underlying architecture --
> Passport at its heart is an ATM switch, and Nortel's VPNs using
> virtual routers still looks an awful lot like IP over ATM, with
> all the overhead in play there. If it's Passport they're pitching
> at you, have a good look at the layer 2 technology on switch
> egress. What I saw was:
>
> [data+(local IP hdr)+(carrier IP hdr)+layer2 formatting]
>
> as it went through the cloud. Potentially, that's a lot of
> overhead. If that's not a problem, fine.
>
> Annlee

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73064&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
At 2:22 PM + 7/26/03, Nakul Malik wrote:
>passport at heart an ATM switch/
>
>Passport is FR.
>
>-Nakul

The Passport is internally a cell switch, onto which Nortel has overlaid a great many other features. Before I went to work for Nortel, I consulted on the BGP implementation, and later worked as a router designer in the corporate R&D lab -- often hearing "oh, we can make the Passport do that too."

>"annlee" wrote in message
>news:[EMAIL PROTECTED]
>> John Neiberger wrote:
>>
>> > I'm just now digging deeper into current VPN technologies since I'm
>> > researching Qwest's PRN service. I'm awaiting a definitive answer from them
>> > but it appears that their PRN service is 2764-based, which apparently means
>> > it does not use MPLS like 2547-based VPNs. I'm curious about the
>> > implications of choosing one model over the other.
>> >
>> > I thought the market trend was toward MPLS-based VPNs but 2764 seems to
>> > argue against that. What are the implications of choosing one model over the
>> > other? Are there any major drawbacks to either one that the other
>> > addresses?
>> >
>> > I'm also a little concerned about vendor choices. Nortel seems to be pushing
>> > 2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that
>> > correct? If so, is that really that important to the customer?
>> >
>> > Forgive me if these questions seem pretty vague. I'm still learning about
>> > the technologies involved and I'm not very familiar with the specifics and
>> > the terminology.
>> >
>> > I'll put in a plug here for Howard's book _Building Service Provider
>> > Networks_. Among a number of things it discusses some of these VPN
>> > technologies and has been very helpful the last couple of days during my
>> > research.
>> >
>> > John
>>
>> Also worth looking at is the hardware component: what will run on
>> the hardware you've already got (if anything)? IF you already
>> have most or all of the hardware pieces to implement Cisco's
>> version, then Cisco's probably makes sense. IF you already have
>> the requisite Nortel gear (Passports?), you're probably only
>> looking at upgrading to a new PCR (software version).
>>
>> And there's the training and management aspect -- which suite do
>> you know better? Where is the rest of your network going--will
>> money spent learning Passport command line be transferable to
>> other devices, offering a savings there? My guess is no, but it
>> could be possible. Finally, what's the underlying architecture --
>> Passport at its heart is an ATM switch, and Nortel's VPNs using
>> virtual routers still looks an awful lot like IP over ATM, with
>> all the overhead in play there. If it's Passport they're pitching
>> at you, have a good look at the layer 2 technology on switch
>> egress. What I saw was:
>>
>> [data+(local IP hdr)+(carrier IP hdr)+layer2 formatting]
>>
>> as it went through the cloud. Potentially, that's a lot of
>> overhead. If that's not a problem, fine.
>>
>> Annlee

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73066&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
Nakul Malik wrote:
> passport at heart an ATM switch/
>
> Passport is FR.
>
> -Nakul
>
> "annlee" wrote in message
> news:[EMAIL PROTECTED]
>
>>John Neiberger wrote:
>>
>>>I'm just now digging deeper into current VPN technologies since I'm
>>>researching Qwest's PRN service. I'm awaiting a definitive answer from them
>>>but it appears that their PRN service is 2764-based, which apparently means
>>>it does not use MPLS like 2547-based VPNs. I'm curious about the
>>>implications of choosing one model over the other.
>>>
>>>I thought the market trend was toward MPLS-based VPNs but 2764 seems to
>>>argue against that. What are the implications of choosing one model over the
>>>other? Are there any major drawbacks to either one that the other
>>>addresses?
>>>
>>>I'm also a little concerned about vendor choices. Nortel seems to be pushing
>>>2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that
>>>correct? If so, is that really that important to the customer?
>>>
>>>Forgive me if these questions seem pretty vague. I'm still learning about
>>>the technologies involved and I'm not very familiar with the specifics and
>>>the terminology.
>>>
>>>I'll put in a plug here for Howard's book _Building Service Provider
>>>Networks_. Among a number of things it discusses some of these VPN
>>>technologies and has been very helpful the last couple of days during my
>>>research.
>>>
>>>John
>>
>>Also worth looking at is the hardware component: what will run on
>>the hardware you've already got (if anything)? IF you already
>>have most or all of the hardware pieces to implement Cisco's
>>version, then Cisco's probably makes sense. IF you already have
>>the requisite Nortel gear (Passports?), you're probably only
>>looking at upgrading to a new PCR (software version).
>>
>>And there's the training and management aspect -- which suite do
>>you know better? Where is the rest of your network going--will
>>money spent learning Passport command line be transferable to
>>other devices, offering a savings there? My guess is no, but it
>>could be possible. Finally, what's the underlying architecture --
>>Passport at its heart is an ATM switch, and Nortel's VPNs using
>>virtual routers still looks an awful lot like IP over ATM, with
>>all the overhead in play there. If it's Passport they're pitching
>>at you, have a good look at the layer 2 technology on switch
>>egress. What I saw was:
>>
>> [data+(local IP hdr)+(carrier IP hdr)+layer2 formatting]
>>
>>as it went through the cloud. Potentially, that's a lot of
>>overhead. If that's not a problem, fine.
>>
>>Annlee

The Passport 6000/7000/15000/2000 are all at heart ATM switches. The Passport 8600 series is a renamed Accelar (Bay Networks) switch. They were going to rename it Optera 8600 during the spring of 2002, but then decided to forego that--I never heard why.

The Passport 6-20K series are optimized for ATM. They run everything through the backplane, even if it departs the switch on a different circuit of the same Function Processor (blade)--for instance, traffic comes in on port 3 of an 8p DS1 and goes out port 6 of the same DS1 FP. It comes in, passes through to the backplane, and then back into the FP and egresses. Passage out of the FP and through the backplane (which is a bus on the 6/7K and a fabric on the 15/20K) requires segmentation into what are called Passport cells, of 64K (IIRC), sized to hold an internal header and an ATM cell. SAR for this is done on the FP, I forget the name of the processors that do it (QBIC, maybe), but there's an ingress path on the FP all the way through to the backplane and then an egress path from the backplane to the egress port. Each path runs through one of the processors. Reassembly is performed on egress, if needed, which it isn't for ATM.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73063&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
passport at heart an ATM switch/

Passport is FR.

-Nakul

"annlee" wrote in message news:[EMAIL PROTECTED]
> John Neiberger wrote:
>
> > I'm just now digging deeper into current VPN technologies since I'm
> > researching Qwest's PRN service. I'm awaiting a definitive answer from them
> > but it appears that their PRN service is 2764-based, which apparently means
> > it does not use MPLS like 2547-based VPNs. I'm curious about the
> > implications of choosing one model over the other.
> >
> > I thought the market trend was toward MPLS-based VPNs but 2764 seems to
> > argue against that. What are the implications of choosing one model over the
> > other? Are there any major drawbacks to either one that the other
> > addresses?
> >
> > I'm also a little concerned about vendor choices. Nortel seems to be pushing
> > 2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that
> > correct? If so, is that really that important to the customer?
> >
> > Forgive me if these questions seem pretty vague. I'm still learning about
> > the technologies involved and I'm not very familiar with the specifics and
> > the terminology.
> >
> > I'll put in a plug here for Howard's book _Building Service Provider
> > Networks_. Among a number of things it discusses some of these VPN
> > technologies and has been very helpful the last couple of days during my
> > research.
> >
> > John
>
> Also worth looking at is the hardware component: what will run on
> the hardware you've already got (if anything)? IF you already
> have most or all of the hardware pieces to implement Cisco's
> version, then Cisco's probably makes sense. IF you already have
> the requisite Nortel gear (Passports?), you're probably only
> looking at upgrading to a new PCR (software version).
>
> And there's the training and management aspect -- which suite do
> you know better? Where is the rest of your network going--will
> money spent learning Passport command line be transferable to
> other devices, offering a savings there? My guess is no, but it
> could be possible. Finally, what's the underlying architecture --
> Passport at its heart is an ATM switch, and Nortel's VPNs using
> virtual routers still looks an awful lot like IP over ATM, with
> all the overhead in play there. If it's Passport they're pitching
> at you, have a good look at the layer 2 technology on switch
> egress. What I saw was:
>
> [data+(local IP hdr)+(carrier IP hdr)+layer2 formatting]
>
> as it went through the cloud. Potentially, that's a lot of
> overhead. If that's not a problem, fine.
>
> Annlee

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73061&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
John Neiberger wrote:
> I'm just now digging deeper into current VPN technologies since I'm
> researching Qwest's PRN service. I'm awaiting a definitive answer from them
> but it appears that their PRN service is 2764-based, which apparently means
> it does not use MPLS like 2547-based VPNs. I'm curious about the
> implications of choosing one model over the other.
>
> I thought the market trend was toward MPLS-based VPNs but 2764 seems to
> argue against that. What are the implications of choosing one model over the
> other? Are there any major drawbacks to either one that the other
> addresses?
>
> I'm also a little concerned about vendor choices. Nortel seems to be pushing
> 2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that
> correct? If so, is that really that important to the customer?
>
> Forgive me if these questions seem pretty vague. I'm still learning about
> the technologies involved and I'm not very familiar with the specifics and
> the terminology.
>
> I'll put in a plug here for Howard's book _Building Service Provider
> Networks_. Among a number of things it discusses some of these VPN
> technologies and has been very helpful the last couple of days during my
> research.
>
> John

Also worth looking at is the hardware component: what will run on the hardware you've already got (if anything)? IF you already have most or all of the hardware pieces to implement Cisco's version, then Cisco's probably makes sense. IF you already have the requisite Nortel gear (Passports?), you're probably only looking at upgrading to a new PCR (software version).

And there's the training and management aspect -- which suite do you know better? Where is the rest of your network going--will money spent learning Passport command line be transferable to other devices, offering a savings there? My guess is no, but it could be possible. Finally, what's the underlying architecture -- Passport at its heart is an ATM switch, and Nortel's VPNs using virtual routers still looks an awful lot like IP over ATM, with all the overhead in play there. If it's Passport they're pitching at you, have a good look at the layer 2 technology on switch egress. What I saw was:

[data+(local IP hdr)+(carrier IP hdr)+layer2 formatting]

as it went through the cloud. Potentially, that's a lot of overhead. If that's not a problem, fine.

Annlee

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73051&t=73048
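
Added example, not part of any message in this thread: a Python calculation of the per-packet cost of the stack described above, [data+(local IP hdr)+(carrier IP hdr)+layer2 formatting]. It assumes the layer 2 is AAL5 over ATM with RFC 2684 LLC/SNAP encapsulation and 20-byte IPv4 headers without options (the thread names neither), and it runs the two- and three-label MPLS stack mentioned elsewhere in the thread over the same layer 2 purely for a like-for-like comparison; all function names and payload sizes are constructed for illustration.

```python
"""Per-packet cost of [data + local IP hdr + carrier encapsulation + layer 2].

Assumptions (not stated in the thread): layer 2 is AAL5 over ATM with
RFC 2684 LLC/SNAP encapsulation, and IPv4 headers carry no options.
"""

IPV4_HEADER = 20    # local (customer) IPv4 header, bytes
CARRIER_IP = 20     # one additional carrier IPv4 header, bytes
MPLS_LABEL = 4      # one MPLS label stack entry, bytes
LLC_SNAP = 8        # LLC/SNAP header in front of a routed PDU
AAL5_TRAILER = 8    # AAL5 CPCS-PDU trailer
CELL_PAYLOAD = 48   # payload bytes carried by one ATM cell
CELL_SIZE = 53      # cell payload plus the 5-byte cell header


def aal5_cells(pdu_len):
    """Cells needed for one PDU; the final cell is padded to 48 bytes."""
    cpcs_len = pdu_len + LLC_SNAP + AAL5_TRAILER
    return -(-cpcs_len // CELL_PAYLOAD)  # integer ceiling division


def wire_bytes_over_atm(data_len, encap_bytes):
    """Bytes on the wire for data + local IP header + encap_bytes of
    carrier encapsulation (0 = none, 20 = carrier IP header, 8 = two labels)."""
    pdu_len = data_len + IPV4_HEADER + encap_bytes
    return aal5_cells(pdu_len) * CELL_SIZE


def overhead_percent(data_len, wire_len):
    """Share of the wire bytes that is not customer data, in percent."""
    return round(100.0 * (wire_len - data_len) / wire_len, 1)


def sizes_costing_extra_cell(encap_bytes, sizes=range(CELL_PAYLOAD)):
    """How many of the given data sizes need one more cell once the
    carrier encapsulation is added."""
    return sum(
        1
        for data_len in sizes
        if wire_bytes_over_atm(data_len, encap_bytes)
        > wire_bytes_over_atm(data_len, 0)
    )


def compare(data_sizes):
    """One row per data size: wire bytes for each encapsulation."""
    rows = []
    for data_len in data_sizes:
        tunnel = wire_bytes_over_atm(data_len, CARRIER_IP)
        rows.append({
            "data": data_len,
            "no_tunnel": wire_bytes_over_atm(data_len, 0),
            "carrier_ip": tunnel,
            "two_labels": wire_bytes_over_atm(data_len, 2 * MPLS_LABEL),
            "three_labels": wire_bytes_over_atm(data_len, 3 * MPLS_LABEL),
            "carrier_ip_overhead_pct": overhead_percent(data_len, tunnel),
        })
    return rows


if __name__ == "__main__":
    # Constructed sample sizes: a small voice-sized payload, a mid-sized
    # payload, and two near-full-size payloads.
    for row in compare([40, 512, 1400, 1460]):
        print(row)
    print("sizes (of 48) where a carrier IP header adds a cell:",
          sizes_costing_extra_cell(CARRIER_IP))
    print("sizes (of 48) where two labels add a cell:",
          sizes_costing_extra_cell(2 * MPLS_LABEL))
```

Because the last cell is padded, the extra header is not a flat 20 bytes on the wire: under these assumptions it is either absorbed by the padding or costs a whole additional 53-byte cell, and it costs the cell for 20 of every 48 consecutive payload sizes.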
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
hey, John, I understand there is an update to RFC 2549, due out Real Soon Now, which might help you out here.

"John Neiberger" wrote in message news:[EMAIL PROTECTED]
> I'm just now digging deeper into current VPN technologies since I'm
> researching Qwest's PRN service. I'm awaiting a definitive answer from them
> but it appears that their PRN service is 2764-based, which apparently means
> it does not use MPLS like 2547-based VPNs. I'm curious about the
> implications of choosing one model over the other.
>
> I thought the market trend was toward MPLS-based VPNs but 2764 seems to
> argue against that. What are the implications of choosing one model over the
> other? Are there any major drawbacks to either one that the other
> addresses?
>
> I'm also a little concerned about vendor choices. Nortel seems to be pushing
> 2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that
> correct? If so, is that really that important to the customer?
>
> Forgive me if these questions seem pretty vague. I'm still learning about
> the technologies involved and I'm not very familiar with the specifics and
> the terminology.
>
> I'll put in a plug here for Howard's book _Building Service Provider
> Networks_. Among a number of things it discusses some of these VPN
> technologies and has been very helpful the last couple of days during my
> research.
>
> John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73052&t=73048
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
"John Neiberger" wrote in message ...
> I'm just now digging deeper into current VPN technologies since
> I'm researching Qwest's PRN service. I'm awaiting a definitive
> answer from them but it appears that their PRN service is 2764-based,
> which apparently means it does not use MPLS like 2547-based VPNs.
> I'm curious about the implications of choosing one model over the
> other.

Use the source, John. Read the RFC's, think of the protocol complexity, check and see if there is any opensource working code (or even examples of code)...even if you don't understand code, you understand `wc -l', right? Now, think of the popularity aspects as well...how many good coders would implement it, and how long have they had to debug it?

There are other factors to consider...especially when looking at a vendor. What is the problem you are trying to solve? What are your requirements for your service? For some reason, I doubt your VP or Director is going to reward you for implementing something with "MPLS" in the service offering...but they might reward you for replacing Frame-Relay or ATM (or even IPSec-based iVPN's) with a more cost-effective, or better working, solution.

Finally, when deciding on a product you have to look at all the non-technical requirements as well...especially cost (both the hard costs and the soft, hidden costs). Supportability (for you and for Qwest, and for Qwest's equipment vendor of choice, etc). There are lots of things to consider, really.

> I thought the market trend was toward MPLS-based VPNs but 2764
> seems to argue against that. What are the implications of choosing
> one model over the other? Are there any major drawbacks to either
> one that the other addresses?

How about AToM vs. MPLS-VPN or 2547bis vs. Martini? Or Martini vs. Kompella? Or Kompella vs. Kompella (do a LR search for that, it's really funny)? What about L2TPv3/PWE3 vs. any of the above? Does one consider GRE or IP-in-IP? IPSec? How about Interworking (also known as mix-and-match)?

When you say MPLS-VPN, I immediately think 2547...however, that's becoming less-and-less true. In fact, I don't believe the two largest successful offerings of MPLS-VPN (Level-3's (3)Packet and GX's Smart/ExpressRoute) use 2547 MPLS-VPN's. They use something else. But other vendors don't even use MPLS-VPN to solve the CE-VPN (or even IP-VPN) problem.

> I'm also a little concerned about vendor choices. Nortel seems to
> be pushing 2764, while Cisco and possibly Juniper are pushing 2547
> and MPLS. Is that correct? If so, is that really that important to
> the customer?

Cisco is/was pushing two things: UTI and EoMPLS (and now the full line of AToM), mostly non-MPLS PWE3 or MPLS-VPN with Martini. Juniper is/was pushing CCC and K.Kompella. Laurel is/was pushing Martini... this list could go on forever. The new game in town is TiMetra (who was purchased by Alcatel), with VPLS by V.Kompella. Everybody now wants VPLS. It's super bleeding-edge, but the technology works great (on paper).

> Forgive me if these questions seem pretty vague. I'm still learning
> about the technologies involved and I'm not very familiar with the
> specifics and the terminology.

You should read LR (Lightreading) and go to SuperComm if you really want to "get into" this stuff. If you really want to understand it, well then you only have one option: RFCs, loose consensus and running code.

I, personally, do not want to get heavily into it. It's not mature technology, and it's all bad, IMO. There are a few solid technologies...and they are mostly the ones that were implemented first. Sure, MPLS-VPN with 2547 is great, but it scales horribly and is difficult to manage. It also is dependent on an MPLS core, with no route summarization, full IBGP with MP-BGP, and all the rest of the hooks. It uses two (and if you are using MPLS-TE, then three) labels to work, so it's big and kludgy. And you add all sorts of bugs and overhead to get it working.

So if MPLS-VPN with 2547 is poor, think about how all the rest of this stuff also breaks things all the time. It's all poorly implemented! If you want it, you have to pay the price for it. IMO, I think UTI and L2TPv3 with Sprint or C&W have been incredibly as successful as Level-3 and GX's MPLS-VPN products...maybe not in Europe, but that doesn't mean the technology doesn't work there...it's just that MPLS-VPN is very popular in Europe (and Asia).

Don't make decisions based on popularity contests or superior technology or even by using what's bleeding or cutting edge. Make the best decision you can with the criteria you set forward with. *Don't* follow a market trend ;>

> I'll put in a plug here for Howard's book _Building Service Provider
> Networks_. Among a number of things it discusses some of these VPN
> technologies and has been very helpful the last couple of days
> during my research.

Here's some good reading that I recommend (Howard's book is also vv good!). Warning: it'
RFC 2547 vs. RFC 2764 VPNs [7:73048]
I'm just now digging deeper into current VPN technologies since I'm researching Qwest's PRN service. I'm awaiting a definitive answer from them but it appears that their PRN service is 2764-based, which apparently means it does not use MPLS like 2547-based VPNs. I'm curious about the implications of choosing one model over the other.

I thought the market trend was toward MPLS-based VPNs but 2764 seems to argue against that. What are the implications of choosing one model over the other? Are there any major drawbacks to either one that the other addresses?

I'm also a little concerned about vendor choices. Nortel seems to be pushing 2764, while Cisco and possibly Juniper are pushing 2547 and MPLS. Is that correct? If so, is that really that important to the customer?

Forgive me if these questions seem pretty vague. I'm still learning about the technologies involved and I'm not very familiar with the specifics and the terminology.

I'll put in a plug here for Howard's book _Building Service Provider Networks_. Among a number of things it discusses some of these VPN technologies and has been very helpful the last couple of days during my research.

John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73048&t=73048