MPLS and VPN Architectures, Volume II

Summary

This chapter covered some aspects of how to make an MPLS-VPN more secure from unauthorized access and attack. No network is impervious to attack, but by following simple configuration rules, you can minimize security breaches. In summary:

MPLS-VPNs provide a high level of security, including address separation, no visibility of the core network, and resistance to label spoofing.
Use registered addresses for the core infrastructure and PE/CE circuits. This avoids an overlap problem on PE/CE circuits and allows the service provider to filter core addressing for CE routers that are using dynamic routing protocols.
Always apply filters inbound on the PE routers to limit access to the PE circuit address for routing protocols and pings only. ...

Get MPLS and VPN Architectures, Volume II now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

MPLS and VPN Architectures, Volume II by Jim Guichard, Ivan Pepelnjak, Jeff Apcar

Summary

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly