Re: [RRG] APT security and other matters

[Scott Brim <swb@employees.org>]

Excerpts from Robin Whittle on Wed, Mar 12, 2008 11:44:00PM +1100:
> I note that APT places the ITR and ETR functions (typically in the
> same device) at a very specific location: the Provider Edge routers
> of ISPs.  This contrasts with what Dino wrote a few days ago - that
> with LISP the ITR and ETR functions would be in Customer Edge
> routers:
> 
>   http://psg.com/lists/rrg/2008/msg00687.html
> 
>      For Loc/ID purposes (there are several other reasons to use
>      LISP than what is intended by this venue), we want to strongly
>      suggest that xTRs be placed on CE (CPE) routers. We think that
>      is the best balance of tradeoffs.
> 
> The Provider Edge location makes more sense to me.  With Ivip, they
> can be placed anywhere, but the Provider Edge would be a good place.

In order for a site to be able to coordinate behavior of its xTRs, to
any degree and in any way it chooses, it is good to have them under
the site's direct control.  I don't believe we can predict or should
control how a site's xTRs work together.  I hope to be surprised at
sites' innovation.  So it's good if we take that out of the realm of
inter-provider cooperation and put it under the site's control.


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg