ietf

RE: WG review: Layer 2 Virtual Private Networks (l2vpn)

2003-06-18 13:42:47

If you use LDP, it is NOT a routing protocol.  The specific mode of use
(targeted LDP) is already described in RFC 3036.  The FECs are different, but
the FEC TLV was defined in such a way as to be extensible.

And when you want to do this inter-domain? Everything else seems to
have made its way into BGP so I think that Pekka's concerns are valid...

That's only because the IETF hasn't made security easy enough, light enough, or
something.  Now some people use the argument that everything should go into BGP
because "opening another port into the provider network is a security breach."
Why is port 646 (LDP) any more insecure than port 179 (BGP)?


 - we must not create complexity by deploying ethernet bridging all over
the Internet.  Our work should be focused on making IP work, not
specifying Ethernet-over-IP (or worse, Ethernet-over-IP as a *service*).


Primarily, folks want to use it as in "Ethernet-over-MPLS".  That may not
necessarily go down well with you either, but think of MPLS as a logical FR.
Providers do not want to change their infrastructure, e.g., replace a FR cloud
with an ATM cloud, then with SONET or GigE.  That's mega-expensive.  By
abstracting the L2 using MPLS, they can provide the L2VPN service without
wholesale infrastructure replacement.

Most of these providers have bought what their vendor told them to buy,
but let's not go into that here.


Sheesh!  No, let's go there.  You're talking about my potential customers, and I
want to know if they really are so dense that I shouldn't have been spending all
this time working on a protocol - I could have just given them a couple of
high-priced tin cans and a piece of string.

Who exactly is the IETF going to be providing protocols for?  For protocols such
as these, it is the providers who deploy them.  You claim that most of the
providers have little or no discernment.  Let's give credit to the providers.
There are a large number of them who know what they are doing.  Many of them
participate in the standards.


 - it is architecturally wrong: use different subnets, period -- that's
what those are meant for in the first place!

Use different subnets to create VPNs?  I don't understand what you mean.  VPLS
and VPWS address a requirement for multiple domains (aka VPNs), logically
distinct from and invisible to each other.

Pekka is right in that most of the applications of VPNs today could
actually be solved as well with "real addresses" and routing across
networks.

You probably haven't read the requirements documents then.


Btw. how is this different from currently-specified GRE tunneling?  It
being made a "service"?

GRE-tunneling is one option, but only for the transport of the VC.  However, you
need a demux field to identify the VC that you are carrying.  Carrying one
customer VC between a pair of PEs is obviously not adequate.

L2TPv3? What's the advantage with this over the existing protocol that
the IETF have?

- kurtis -


-Vach




