Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Networking

    Beware MPLS VPN Tech Challenges

    By
    eWEEK EDITORS
    -
    August 20, 2001
    Share
    Facebook
    Twitter
    Linkedin

      Plans to deploy virtual private networks using a new technology have sparked recent controversy, with the debate illustrating the need for technology managers to tune in to different ways carriers propose using Multiprotocol Label Switching.

      MPLS is an advanced way of managing Internet traffic by letting carriers merge different types of data traffic over one IP backbone, improving their ability to offer different classes of service.

      Today marks the biggest deployment yet of a VPN over MPLS: Eight million Hong Kong residents will be able to watch movies on their home computers by plugging into Ethernet outlets in their apartments.

      But one influential researcher, Randy Bush, has gone so far as to say an up-and-coming technique for setting up MPLS-based VPNs would ruin the networks supporting them. The AT&T Labs scientist warns of network management problems and potential security issues that may arise as a result of errors by network operators running complex VPN setups.

      Bush focused his criticism on a technique outlined in RFC 2547, an Internet Engineering Task Force informational document promoted by vendors such as Cisco Systems and Juniper Networks. The MPLS technique is supposed to provide businesses with IP VPNs that are as much as 30 percent cheaper to run than those using Asynchronous Transfer Mode or frame relay.

      The technique uses Border Gateway Protocol (BGP), which sets up routing tables in large networks. The tables are code sequences that tell routers how to forward packets from one machine to another. Many service providers already have trouble managing these tables to ensure good connectivity, because a change in one table affects many others. Adding thousands of such tables — as proposed by Cisco and Juniper for individual VPN sessions — would make the risk of managing this software close to impossible, Bush said.

      “It severely complicates the core,” Bush said. “Its a serious issue of managing one BGP table — you want me to have how many thousand of them? But it is a great scam to sell more routers to hold all those BGP tables!”

      If Bush is correct, business customers might run into problems after purchasing services from network providers using this provisioning scheme. Shopping for services such as VPNs could get complicated, with users having to understand finer points of data networking to ensure that the service they buy today will still be working tomorrow.

      One key distinction I-managers need to make is between VPNs offered over low bandwidth, such as in remote offices, and those offered over fatter pipes, such as in metro networks, said Irwin Lazar, a senior consultant of The Burton Group. The two networks tend to deploy MPLS in different layers of the network.

      Most metro networks using MPLS that base services on VPN-type functionality provision these services in Layer 2 of the network and offer them over a high-bandwidth pipe. Layer 2, a “dumber” part of the data pipe, distinguishes between protocols, but does not participate in routing packets. Layer 3, a “smarter” layer that actually routes packets, is where the RFC 2547 technique would be deployed.

      It is a Layer 2 MPLS VPN that Hutchison Global Crossing is using in Hong Kong. Executives at router vendor Riverstone Networks, which won the multimillion-dollar Hutchison contract, said for the time being they are steering clear of Layer 3 MPLS VPNs. “Trying to provision VPNs using the Layer 3 BGP approach is quite a complex task for an average service provider; the Layer 2 approach is a lot simpler and easier to provision,” said Tim Wu, Riverstones technical marketing director.

      The Hong Kong system Riverstone helped build dynamically provides dedicated virtual circuits to millions of users. It enables services such as movies-on-demand, where individual users are assigned bandwidth streams with a guaranteed quality level.

      Vendors supporting the RFC 2547 technique acknowledge that special routers and technical experts will be needed to manage the new services — such as VPN management — they plan to offer. Juniper already offers software that helps routers handle additional VPN routing information.

      “In a sense, there is no free lunch,” said Ross Callon, a Juniper engineer. “If you have 100,000 customers, each one of which has a private network and wants wide area connectivity, there is a lot of work that needs to be done somewhere, by somebody.”

      So customers shopping for VPNs should pick a carrier carefully, said Bushs colleagues at AT&T. AT&T plans to start offering VPNs based on RFC 2547 in 2002.

      “There may be things within the standards that arent there or are not spelled out; I think it is up to service providers like AT&T to fill in those gaps and be able to scale this,” said Rose Klimovich, AT&T director of global Internet network services.

      AT&T is building specialized tools to manage MPLS-enabled gear, has formulated engineering rules to develop MPLS networks in a secure fashion and is building a scalable operations support system that could manage large amounts of data, she said.

      Avatar
      eWEEK EDITORS

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×