The MPLS WG Archive[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index][Thread Index][Author Index][Subject Index] MPLS over L2TPv3 encap for RFC 2547 VPNs
Mark, richard.spencer@bt.com wrote: > > > Mark, > > > > The justification for using L2TP as opposed to IP or GRE encapsulation over > > an IP PSN seems to be that security is improved. However, from what I > > Actually, the justification is 3-fold. As detailed in Section 5 > "Applicability" of draft-townsley-l3vpn-l2tpv3-00.txt, the first > two reasons have more to do with whether or not you are using L2TPv3 > for other services on your network a nd wish to maintain a homogeneous > type of tunneling encapsulation for MPLS as we ll as FR, ATM, etc. If you already using l2tpv3 for other services, that means that you already using l2tpv3 signaling as well. So, why for 2547 you would use BGP as a signaling protocol ? > Incidentally, these two are precisely the same two reasons given > for why one might choose a GRE encap vs. an IP encap. The analogy does not work, as there is one significant difference between GRE and l2tpv3 - GRE encaps does not require any signaling, l2tpv3 does. [clipped...[ > >> From an L2 perspective I can see that L2TP could be useful as it is well > >> suited for encapsulating and signalling L2 tunnels. However, I do not see > >> why L2TP is useful for L3 VPNs, why not just use GRE or IP encapsulations, > >> which don't require any signalling? I could maybe understand if a provider > >> was using L2TP for L2 services and wanted to reuse L2Tp for L3 services, > >> but if so, why use BGP signalling why not use L2TP signalling? > > We are only advertising a single Session/Cookie per PE (not per PE pair, per > VPN, etc). So, for the 2547 L3VPN case, we can include this Session/Cookie in > the BGP Next Hop Update allowing it to become part of the single adjacency > that gets built for sending all 2547 traffic over L2TPv3/IP to that PE. Two points: 1. Could you please elaborate on the benefits of doing this relative to the use of l2tpv3 signaling. 2. In the VR case, we would only advertise a single Session/Cookie per PE (not per PE pair, per VPN, etc). So, for the VR L3VPN case, we can include this Session/Cookie in the BGP Next Hop Update allowing it to become part of the single adjacency that gets built for sending all VR VPN traffic over L2TPv3/IP to that PE. Which is exactly my point - from the BGP-based l2tp signaling exactly the same procedures are used for both VR and 2547. Yakov.
|
|