On 2 December 2016 at 18:16, Alia Atlas <akat...@gmail.com> wrote: > This sounds related to the well-known (at least 10+ years) issues around > guessing the > type of IP packet by looking at the first nibble of the encapsulated packet. > Take a quick look at RFC 7325, section 2.4.5.1 bullet 6. > This is what using the pseudo-wire code-word is meant to protect against. > > I don't know if that's an option for networks using this.
Some devices by default look inside pseudowires to find IP inside them, in this case even control-word won't help, you'll need to also disable looking inside pseudowire. -- ++ytti
