[c-nsp] CoPP and mpls explicit-null
kostas anagnopoulos
kostas.anagnopoulos at oteglobe.net
Sun Apr 30 08:49:35 EDT 2006
Sorry for the much delayed reply - just noticed your email...
I think there are at least two good reasons an explicit-null label (mpls) is
needed as opposed to an implicit-null label (no mpls).
One is that the implicit-null label breaks the diffserv "pipe" model lsp for
packets with one label in the stack - packets arrive at the egress PE
unlabeled.
The other reason is that rsvp-te supports only implicit-null labels in
non-IOSXR products. Because of that, directed ldp is needed in some cases,
in order to establish an end-to-end lsp.
Further, the fact that CoPP does not support MPLS (explicit-null) gives me
one more good reason to support your argument.
regards,
kostas
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Saku Ytti
Sent: Tuesday, March 28, 2006 4:40 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] CoPP and mpls explicit-null
Hey,
According to CSCO it's expected that CoPP does not work when explicit-null
is configured. I've observed this behaviour in VXR (12.2(28)SB),
AS5k (12.4(7)), GSR (E0, 12.0(32)S) and NSE100 (12.2(28)SB).
In SUP720-3BXL (12.2(18)SXF3) however this appears to work fluently.
I'm argumenting that popping explicit-null should happen in forwarding-path
before packet is handed over to control-plane.
So am I biased in my argumentation, am I alone with my argumentation and
just inventing stuff up because it doesn't work like I want it to work?
Has anyone else noticed this? Does anyone else consider this rather
serious security impacting, undocumented and unexpected behaviour?
--
++ytti
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the cisco-nsp
mailing list