[c-nsp] MPLS down to the CPE
Saku Ytti
saku at ytti.fi
Tue Mar 5 04:38:56 EST 2013
On (2013-03-05 09:58 +0100), Adam Vitkovsky wrote:
> -with adding CEs into your MPLS cloud you're going to increase the number of
> routes IGP has to carry.
Unless you run OptB
> > Security is the main concern
> I don't know about this one.
> How plausible is that customer will replace your device with theirs without
> you noticing it + they crack all the passwords so they can run ISIS, LDP and
> BGP sessions with you.
They don't need to crack anything, they can just inject labels to the wire
and get frames delivered.
I feel customers are putting certain level of trust and expectation on how
I handle MPLS network when they buy L3 MPLS VPN from me, and I suspect many
would feel that above is breaking that trust.
--
++ytti
More information about the cisco-nsp
mailing list