Use of PE-PE IP/GRE/IPsec for MPLS PWs draft-raggarwa-pwe3-pw-over-ip-00.txt - PowerPoint PPT Presentation

About This Presentation
Title:

Use of PE-PE IP/GRE/IPsec for MPLS PWs draft-raggarwa-pwe3-pw-over-ip-00.txt

Description:

www.juniper.net. MPLS-in-IP/MPLS-in-GRE encapsulation by ingress PE ... www.juniper.net. Relevance to the PWE3 WG. MPLS PWs over IP networks are in the charter ... – PowerPoint PPT presentation

Number of Views:104
Avg rating:3.0/5.0
Slides: 13
Provided by: juni96
Learn more at: https://www.ietf.org
Category:
Tags: gre | mpls | charter | draft | ipsec | net | over | pwe3 | pws | raggarwa | txt | use | www

less

Transcript and Presenter's Notes

Title: Use of PE-PE IP/GRE/IPsec for MPLS PWs draft-raggarwa-pwe3-pw-over-ip-00.txt


1
Use of PE-PE IP/GRE/IPsec for MPLS
PWsdraft-raggarwa-pwe3-pw-over-ip-00.txt
  • Rahul Aggarwal
  • rahul_at_juniper.net

2
Authors
  • Rahul Aggarwal (Juniper)
  • Kireeti Kompella (Juniper)

3
Agenda
  • Problem statement
  • Motivation
  • Specification
  • Relevance to the PWE3 WG
  • Conclusion

3
. www.juniper.net
4
Problem Statement
  • Carrying MPLS PW packets over IP, GRE or IPsec
    tunnels
  • MPLS control plane for PW setup
  • Outer PSN tunnel encapsulation is now IP, GRE or
    IPsec
  • PW label identifies the PW
  • Enable MPLS PWs to be transported over non-MPLS
    networks

4
. www.juniper.net
5
Motivation
  • Non-MPLS routers between the ingress and egress
    PEs
  • IPsec authentication and/or encryption for
    increased security
  • Protection against spoofed packets
  • Protection against transit node misbehavior
  • Encryption of the PW data

5
. www.juniper.net
6
Specification
  • Continue to use MPLS to identify a PW
  • A single label stack i.e. PW label
  • A MPLS-in-IP or MPLS-in-GRE encapsulation used to
    turn the packet into an IP packet
  • Dynamic IP or GRE tunnel between ingress PE and
    egress PE
  • MPLS PW packet gets sent over an IP or GRE tunnel
  • IPsec Transport mode may be used to secure the IP
    or GRE tunnel

6
. www.juniper.net
7
MPLS-in-IP/MPLS-in-GRE encapsulation by ingress PE
  • PW route points to a PW label and a next-hop
  • The next-hop results in MPLS-in-IP or MPLS-in-GRE
    encapsulation
  • IP source address address of the ingress PE
  • IP destination address address of the egress PE
  • The IP/GRE tunnels are not preconfigured

7
. www.juniper.net
8
Application of IPsec by Ingress PE
  • Ingress PE needs to establish an IPsec SA with
    the egress PE
  • IKE may be needed for key distribution
  • IPsec procedures result in a packet with an IP
    header, followed by an IPsec header followed by
    MPLS-in-IP/MPLS-in-GRE encapsulation

8
www.juniper.net
9
Procedures at the Egress PE
  • Egress PE should be able to de-capsulate
    MPLS-in-IP or MPLS-in-GRE packets
  • MPLS PW packets then MPLS switched
  • For IPsec
  • IKE and SAs
  • Apply IPsec procedures to the incoming IPsec
    packet
  • Recover the contained MPLS-in-IP/MPLS-in-GRE
    packet

9
www.juniper.net
10
Relevance to the PWE3 WG
  • MPLS PWs over IP networks are in the charter
  • This document describes procedures for carrying
    MPLS PWs over IP/GRE/IPsec tunnels
  • Meets requirements not met by existing
    specifications
  • Does not concern itself with IP/GRE/IPsec PSN
    setup

10
www.juniper.net
11
Conclusion
  • Request to be a WG document
  • http//www.ietf.org/internet-drafts/draft-raggarwa
    -pwe3-pw-over-ip-00.txt

11
www.juniper.net
12
Thank You
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Use of PE-PE IP/GRE/IPsec for MPLS PWs draft-raggarwa-pwe3-pw-over-ip-00.txt" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!