On 2/Sep/15 16:08, Jared Mauch wrote:
> It’s really because some people who drink the MPLS/VPN/VRF/VLAN Kool-Aid
> think it’s some magic that undoes fate sharing and proper engineering and
> planning. That a few bytes for a label or VLAN tag make your data more
> secure.
>
> It’s possible to build a network that works without all these vendor pushed
> tricks. I see where Roland is trying to go and he’s in the “magic byte”
> realm of the extra label makes it “OOB” whereas the rest of us just see 1’s
> and 0’s on the wire and know a bit is a bit regardless of tag-switching (the
> original name for MPLS) or IEEE 802.1q label. I’m sure there are people
> still doing ISL but I’d rather not.

There was a time when the early MPLS/VPN adopters built physically separate routers for MPLS traffic. When it became clear that this was not a good way to scale, they moved to building dedicated line cards in shared routers for MPLS/VPNs.

As we see today, those that build - heaven forbid - "converged" networks tend to derive better ROIs from their network infrastructure. I'd be hard-pressed to hear from even the largest of operators physically separating MPLS and IP traffic at the hardware and/or link level.

As you, Jared, say, and as I said in a previous post, both MPLS and IP traffic follow the same data plane. The routing table separation construct does not survive chassis-wide failures.

Mark.