[c-nsp] MPLS LDP Authentication Scaling
Mark Tinka
mtinka at globaltransit.net
Fri Aug 17 07:50:08 EDT 2007
Hello all.
I've been going over some thoughts about scaling MPLS LDP
authentication in an environment where all MPLS LER's or
LSR's on the same subnet require LDP authentication.
I've had a look at the 'mpls ldp password option' and 'mpls
ldp password required' features, but these require local
ACL's be built and maintained, which also doesn't appear to
scale well across several routers, at first glance.
Some fora suggest LDP authentication only be enabled
on "untrusted LDP peerings".
I'd be happy to hear the current practice most folk adopt.
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20070817/0d1b0042/attachment-0001.bin
More information about the cisco-nsp
mailing list