On Tue, 7 Aug 2001, Andy Walden wrote:
Experts call MPLS bad for 'Net
I think its pretty well known that multiple routing tables, ala 2547-bis, is not scalable. Apparently the author was fed the story and doesn't have
Why not? Each MPLS VPN will likely not add very many routes. Having just setup a few MPLS VPNs, I think the only hard parts were finding clear docs/examples on Cisco's web site and working around IOS bugs encountered while turning up some of the VPN circuits. We're using BGP to distribute static and connected routes between our PE's and the CE's all have static routes, mostly just defaults. Once you've done one, it's really not any harder than turning up a regular IP customer. It's certainly easier than dealing with the traditional VPN support in some CPE hardware. I don't buy the security concern that we'll misconfigure VPNs and leak routes and traffic from one to another. I do think MPLS VPNs will give customers a false sense of security though. As others have mentioned, it's not really virtual, and it's not private. Their packets still ride our network without encryption. It's segregated by our routers, but not private. Unfortunately, a few network providers started the ball rolling by offering this type of service, and now some customers expect it, even if their original provider went out of business. So we've been rushed into figuring out and deploying it. -- ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________