The MPLS WG Archive

[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index][Thread Index][Author Index][Subject Index]

MPLS over L2TPv3 encap for RFC 2547 VPNs

From: Eric Rosen <erosen@cisco.com>
Date: Thu, 05 Feb 2004 10:54:39 -0500
cc: raszuk@cisco.com, yakov@juniper.net, townsley@cisco.com, mpls@UU.NET, l3vpn@ietf.org
User-Agent: EMH/1.14.1 SEMI/1.14.3 (Ushinoya) FLIM/1.14.3(Unebigoryōmae) APEL/10.3 Emacs/21.3(sparc-sun-solaris2.8) MULE/5.0 (SAKAKI)


> If you do not agree with my  conclusion then I would be interested to know
> if this  just your own  personal view?  I ask because  at a seminar  a few
> months ago attendees were assured by Cisco representatives 

Really, should  know better than to  assume that any statement  made on this
list  is a  statement  of corporate  position.   I would  never assume  that
statements made by BT employees here reflect a corporate position.  

> the forwarding  of VPN packets  using IP/GRE was  just as secure  as using
> MPLS headers. 

When  comparing two security  schemes, you  need to  look at  the particular
threat models of  interest, the likelihood making mistakes  in deploying the
scheme,  the limits  of  applicability  of the  scheme,  etc.  Without  this
context, it is meaningless to say that A is as secure as B.

References:
- MPLS over L2TPv3 encap for RFC 2547 VPNs
  - From: richard.spencer@bt.com