[bdNOG] Cisco VPN Router

Sat Nov 16 12:12:29 BDT 2013

Roman Bhai

These discussion generates long chain and not every one is comfortable to
receive so many email in a day.

I'd propose to have Linked In Group which can offer topic based discussion.

We can submit/follow/participate of out topics of interests

Regards
Rubaiyyaat

On Sat, Nov 16, 2013 at 10:31 AM, Aniruddha Barua <aniruddha.barua at colbd.com
> wrote:

> We'd be glad if you could suggest some topics of your interest since you
> are from a Telco. I presume, as far as your topics cover Networking, this
> list and other lists at bdNOG wouldaccommodate.
>
> Regards,
>
> ANIRUDDHA BARUA
> Email: aniruddha.barua at colbd.com, cto at colbd.com
> Cell: +880.1713.111222
> Web: http://www.colbd.com
>
> On 11/16/2013 9:11 AM, Md Ashifuzzaman wrote:
>
>> Can anyone would remove me from the mailing list as I am not relevant
>> with this topics.
>>
>>
>>
>> Thanks & Best Regards,
>>
>> Md Ashifuzzaman
>> Information Technology
>> Banglalink
>> Mobile: +88 019 26662 488
>>
>> -----Original Message-----
>> From: nog-bounces at bdnog.org [mailto:nog-bounces at bdnog.org] On Behalf Of
>> Nurul Islam
>> Sent: Saturday, November 16, 2013 5:21 AM
>> To: Aniruddha Barua
>> Cc: bdNOGNOG list
>> Subject: Re: [bdNOG] Cisco VPN Router
>>
>> Upssssss. You are right Barua "not threats" but threads. Apology. I
>> should disable autocorrect in my mail client. :)
>>
>> -Roman
>>
>>
>> On 16/11/13 4:20 AM, "Aniruddha Barua" <aniruddha.barua at colbd.com> wrote:
>>
>>  Roman bhai,
>>>
>>> Threads. It would be threads. Not threats.;-)
>>>
>>> Regards,
>>>
>>> ANIRUDDHA BARUA
>>> Email: aniruddha.barua at colbd.com, cto at colbd.com
>>> Cell: +880.1713.111222
>>> Web: http://www.colbd.com
>>>
>>>
>>> On Nov 15, 2013, at 11:07 PM, Nurul Islam <nurul at apnic.net> wrote:
>>>
>>>  I think Momen's question is about the overlay VPN model (5/10 years
>>>> ago)  where CPE router create IPSec tunnel (customer data security
>>>> purpose) and  SP POP router need to create another tunnel (GRE/IPSec)
>>>> to isolate their  routing prefixes. Because several customer or SP
>>>> infrastructure might use  the same private address range. I think this
>>>> overlay VPN model is replaced  with MPLS L3 VPN where SP do not need
>>>> to create any GRE/IPSec tunnel to  isolate their routing prefix. SP
>>>> now simply create VRF on the POP router  and individual customer
>>>> prefixes are isolated by VPNv4 address family etc  etc.
>>>>
>>>> By asking "VRF instead of GRE on PE" if you mean MPLS L3/L2 VPN, then
>>>> yes  it is available in Dhaka. At least Pseudo-wire for sure. Is VPLS
>>>> also  available in Bangladesh?
>>>>
>>>> What is the required CPE hardware that is also discussed on other reply.
>>>>
>>>> Thanks to bdNOG community. Keep posting more threats and let everyone
>>>> participate. We need active people to run our NOG.
>>>>
>>>> Regards
>>>>
>>>> Roman
>>>>
>>>>
>>>> On 16/11/13 2:14 AM, "Md. Khairul Alam" <khairulbd at yahoo.com> wrote:
>>>>
>>>>  Hi,
>>>>>
>>>>> I think the the technology using by the SP is not the main concern
>>>>> of the  banks. Banks should have own policy to secure the data
>>>>> transmission  between HO and branches. As a customer I must want the
>>>>> maximum  availability of the link from the SP and choose the security
>>>>> technology  in my routers.
>>>>>
>>>>> For small branches most are using 1900 series with K9 license I
>>>>> guess and
>>>>> 2900 series for larger bandwidth requirement.
>>>>>
>>>>> Thanks very much bdNOG for giving us the opportunity to share.
>>>>>
>>>>> BR//Khairul
>>>>> --------------------------------------------
>>>>> On Fri, 15/11/13, Aniruddha Barua <aniruddha.barua at colbd.com> wrote:
>>>>>
>>>>> Subject: Re: [bdNOG] Cisco VPN Router
>>>>> To: "NOG list, bdNOG" <nog at bdnog.org>
>>>>> Received: Friday, 15 November, 2013, 6:33 PM
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Dear Mr. Momen,
>>>>>
>>>>>
>>>>>
>>>>> I believe you are asking the question considering the entire
>>>>> architecture, not just from the customer (Bank) or the provider (SP)
>>>>> point of view. If a bank wants to connect their branch routers in
>>>>> Layer 2 over SP network, the SP has to give them either GRE based
>>>>> tunnels (Mikrotik's EoIP or PPTP-Bridge etc., are common technics)
>>>>> or MPLS Layer 2 (EoMPLS, VPLS etc.). If a bank wants to connect the
>>>>> branch routers in Layer 3 over SP network, the SP can give them
>>>>> anything from simple routing (Static or Dynamic) to plain VRF (i.e.
>>>>> VRF Lite) to MPLS Layer 3 to even dedicated fiber (this is too much
>>>>> though!!).
>>>>>
>>>>>
>>>>>
>>>>> To maintain information security and confidentiality, regardless of
>>>>> what the SP is providing in its infrastructure, the bank has to
>>>>> encrypt-decrypt (mostly with
>>>>> IPSec) its traffic in between its routers, which will pass through
>>>>> either the Layer 2 tunnels or the Layer 3 routed paths provided by
>>>>> the SP.
>>>>>
>>>>>
>>>>>
>>>>> My question to all is, should banks demand a specific technology
>>>>> like VRF or MPLS or any other from the SP as long as their
>>>>> requirements are met perfectly well by the SP using its current
>>>>> technologies?
>>>>>
>>>>>
>>>>>
>>>>> bdNOG mailing list is on the jazz today. Regards to all,
>>>>>
>>>>>
>>>>>
>>>>> ANIRUDDHA BARUA
>>>>>
>>>>>
>>>>>
>>>>> Email: aniruddha.barua at colbd.com, cto at colbd.com
>>>>>
>>>>>
>>>>>
>>>>> Cell: +880.1713.111222
>>>>>
>>>>>
>>>>>
>>>>> Web: http://www.colbd.com
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ---------- Original Message
>>>>> -----------
>>>>>
>>>>>
>>>>> From: Abdul Momen <abdulmomen918 at gmail.com>
>>>>>
>>>>>
>>>>>
>>>>> To: ariful.islam at totalofftec.com
>>>>>
>>>>>
>>>>>
>>>>> Cc: nog-bounces at bdnog.org, "nog at bdnog.org"
>>>>> <nog at bdnog.org>
>>>>>
>>>>>
>>>>>
>>>>> Sent: Fri, 15 Nov 2013 17:22:33 +1000
>>>>>
>>>>>
>>>>>
>>>>> Subject: Re: [bdNOG] Cisco VPN Router
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  Thanks everyone.
>>>>>>
>>>>>
>>>>>  I believe it is mostly ipsec (CPE
>>>>>>
>>>>> router) inside GRE(PE router)? Is it possible to get VRF instead of
>>>>> GRE on PE router.
>>>>>
>>>>>
>>>>>  Thanks & regards
>>>>>>
>>>>>
>>>>>
>>>>> Momen
>>>>>
>>>>>
>>>>>  On Fri, Nov 15, 2013 at 4:37 PM, Arif @
>>>>>>
>>>>> TOTALOFFTEC
>>>>> <ariful.islam at totalofftec.com>
>>>>> wrote:
>>>>>
>>>>>
>>>>> I have fortinet wifi router.
>>>>>
>>>>>
>>>>> -arif- +8801678005123
>>>>> . Apologies kept short sent from my BlackBerry® smartphone
>>>>> - Airtel
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>>
>>>>>
>>>>> From: Nurul Islam <nurul at apnic.net>
>>>>>
>>>>>
>>>>> Sender: nog-bounces at bdnog.org
>>>>>
>>>>>
>>>>> Date: Fri, 15 Nov 2013 06:17:25
>>>>>
>>>>>
>>>>> To: fakrul at dhakacom.com<fakrul at dhakacom.com>;
>>>>> nog at bdnog.org<nog at bdnog.org>;
>>>>> Abdul Momen<abdulmomen918 at gmail.com>
>>>>>
>>>>>
>>>>> Subject: Re: [bdNOG] Cisco VPN Router
>>>>>
>>>>>
>>>>>
>>>>> Few more on the [UTF-8?]listÅ .MikroTik, Fortigate, What model? what
>>>>> else?
>>>>>
>>>>>
>>>>>
>>>>> And obviously Cisco. (For the elite class I suppose. :).
>>>>>
>>>>>
>>>>>
>>>>> Regards
>>>>>
>>>>>
>>>>>
>>>>> -Roman
>>>>>
>>>>>
>>>>>
>>>>> On 15/11/13 3:42 PM, "Fakrul Alam" <fakrul at dhakacom.com>
>>>>> wrote:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  Dear Mr Momen,
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  Ya, it's mainly 800 series with K9 bundle. I know
>>>>>>
>>>>> few banks who use
>>>>> 1900
>>>>>
>>>>>
>>>>>  series in metropolitan branches where there is higher
>>>>>>
>>>>> b/w & pps
>>>>>
>>>>>
>>>>>  requirements.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  Thanks
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  Fakrul Alam
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  On 11/15/13, 6:29 AM, Abdul Momen wrote:
>>>>>>
>>>>>
>>>>>  Dear bdnog people,
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>  I have a quick question. What are the commonly used
>>>>>>>
>>>>>> VPN router used
>>>>> in
>>>>>
>>>>>
>>>>>  the
>>>>>>>
>>>>>>
>>>>>  bank brunches in Dhaka. I guess CISCO831-K9 still
>>>>>>>
>>>>>> used in some
>>>>> places.
>>>>>
>>>>>
>>>>>  Correct? What are other cost effective
>>>>>>>
>>>>>> alternatives.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  Regards
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>  Momen
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>  _______________________________________________
>>>>>>>
>>>>>>
>>>>>  nog mailing list
>>>>>>>
>>>>>>
>>>>>  nog at bdnog.org
>>>>>>>
>>>>>>
>>>>>  http://mailman.bdnog.org/mailman/listinfo/nog
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>  _______________________________________________
>>>>>>
>>>>>
>>>>>  nog mailing list
>>>>>>
>>>>>
>>>>>  nog at bdnog.org
>>>>>>
>>>>>
>>>>>  http://mailman.bdnog.org/mailman/listinfo/nog
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>>
>>>>>
>>>>> nog mailing list
>>>>>
>>>>>
>>>>> nog at bdnog.org
>>>>>
>>>>>
>>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ------- End of Original Message
>>>>> -------
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> -----Inline Attachment Follows-----
>>>>>
>>>>> _______________________________________________
>>>>> nog mailing list
>>>>> nog at bdnog.org
>>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>>
>>>>> _______________________________________________
>>>>> nog mailing list
>>>>> nog at bdnog.org
>>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>>
>>>> _______________________________________________
>>>> nog mailing list
>>>> nog at bdnog.org
>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>
>>> _______________________________________________
>> nog mailing list
>> nog at bdnog.org
>> http://mailman.bdnog.org/mailman/listinfo/nog
>> _______________________________________________
>> nog mailing list
>> nog at bdnog.org
>> http://mailman.bdnog.org/mailman/listinfo/nog
>>
>
> _______________________________________________
> nog mailing list
> nog at bdnog.org
> http://mailman.bdnog.org/mailman/listinfo/nog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.bdnog.org/pipermail/nog/attachments/20131116/703ee18c/attachment-0001.html>