2547 over "not MPLS" (Re: 2447bis and related documents)

Ross Callon <rcallon@juniper.net> Sun, 01 February 2004 02:55 UTC

Date: Sat, 31 Jan 2004 21:49:30 -0500
To: Thomas Narten <narten@us.ibm.com>
From: Ross Callon <rcallon@juniper.net>
Subject: 2547 over "not MPLS" (Re: 2447bis and related documents)
Cc: vpn-dir@ietf.org
In-Reply-To: <200401271702.i0RH2AJ05563@cichlid.raleigh.ibm.com>

>Indeed, I'm a bit confused about the way the documents try to say one
>doesn't have to run MPLS (citing draft-ietf-mpls-in-ip-or-gre-03.txt)
>as if it was NOT MPLS. How can this be? One absolutely must support
>the MPLS labeling scheme, or this stuff just doesn't work. That is,
>MPLS in IP is still MPLS. Right? (What am I missing here.)

The answer to this question is a bit less controversial and more 
straightforward than the answers to the rest of your message, so
I figured I would start with this part. 

Basically the answer depends upon what you mean by "MPLS",
and in which of your routers you are willing to run it. 

In terms of encapsulation, for each packet which is transmitted "in
the VPN" (i.e., each packet which is from a VPN site, to a VPN site,
and is being transported across the service provider), the BGP/MPLS
VPN solution requires that (i) the packet be encapsulated in an
MPLS header; (ii) *some* additional encapsulation (MPLS or IPsec
or MPLS-in-GRE-in-IP or MPLS-in-IP) be used to get the VPN packet,
encapsulated in the MPLS header, to the appropriate PE router.

Thus in the most basic form some use of MPLS is needed. However,
strictly speaking this is only *required* in the PE routers, and only in
those specific PE routers which are directly implementing BGP/MPLS
VPNs. Also, all of the signaling regarding which labels to use for this
particular "PE only" MPLS header is done with BGP, so that no
additional MPLS signaling protocol is required.

If a second MPLS header is used for transmitting the packets across
the provider backbone, then (i) the provider core routers need to also
implement MPLS; and (ii) an additional MPLS signaling protocol
(either LDP or RSVP, or both) needs to be run across the network,
from PE router to P router to P router to PE router. This requires more
configuration, and in many cases implies that routers from multiple 
companies interoperate (there are many multi-vendor deployments of 
MPLS, but this doesn't necessarily mean that every service provider 
feels comfortable with the interoperability of every combination of 
vendors that they might have deployed in their network). 

In the past I have talked to a small number of service providers (but 
not necessarily small service providers) who were reluctant to turn 
on MPLS signaling on all of their P and PE routers, and who were
therefore at least pondering the possibility of running 2547 using the 
"private packet over MPLS over GRE over IP" encapsulation. I am
under the impression that there are some deployments of this,
including multi-vendor deployments, although I don't know how much. 

Ross



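The "private packet over MPLS over GRE over IP" encapsulation described in the message above, as an added example that is not part of the original message or of any vendor's code: an ingress PE pushes a single VPN label and wraps it in GRE/IP, and the egress PE validates each layer before reading the label. The function names, the PE addresses (192.0.2.x), the label value 100 and the customer bytes are constructed for illustration.

```python
import socket
import struct

IPPROTO_GRE = 47                 # outer IPv4 protocol number for GRE
GRE_PROTO_MPLS_UNICAST = 0x8847  # GRE protocol type for an MPLS unicast payload

def mpls_entry(label, tc=0, bottom=True, ttl=64):
    """One 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < (1 << 20):
        raise ValueError("MPLS label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def ipv4_checksum(header):
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src, dst, proto, payload_len):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def encapsulate(customer_pkt, vpn_label, ingress_pe, egress_pe):
    """Ingress PE: VPN label (learned via BGP), then GRE, then outer IPv4."""
    inner = mpls_entry(vpn_label) + customer_pkt
    gre = struct.pack("!HH", 0, GRE_PROTO_MPLS_UNICAST)  # no optional GRE fields
    return ipv4_header(ingress_pe, egress_pe, IPPROTO_GRE, len(gre) + len(inner)) + gre + inner

def decapsulate(frame):
    """Egress PE: check every layer, return (vpn_label, customer_pkt)."""
    ihl = (frame[0] & 0x0F) * 4
    if ipv4_checksum(frame[:ihl]) != 0:
        raise ValueError("bad outer IPv4 header checksum")
    if frame[9] != IPPROTO_GRE:
        raise ValueError("outer packet is not GRE")
    flags, proto = struct.unpack("!HH", frame[ihl:ihl + 4])
    if flags != 0 or proto != GRE_PROTO_MPLS_UNICAST:
        raise ValueError("GRE payload is not plain MPLS unicast")
    (entry,) = struct.unpack("!I", frame[ihl + 4:ihl + 8])
    if not (entry >> 8) & 1:
        raise ValueError("expected one bottom-of-stack VPN label")
    return entry >> 12, frame[ihl + 8:]

# Constructed sample: opaque customer bytes, label 100, documentation-range PEs.
CUSTOMER_PKT = b"customer IP packet bytes"
FRAME = encapsulate(CUSTOMER_PKT, 100, "192.0.2.1", "192.0.2.2")

if __name__ == "__main__":
    print(FRAME.hex())
    print(decapsulate(FRAME))
```

The P routers between the two PEs forward this frame on the outer IPv4 header alone, which is why no LDP or RSVP is needed in the core for this variant.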