[bdNOG] Cisco VPN Router
Aniruddha Barua
aniruddha.barua at colbd.com
Sat Nov 16 10:31:40 BDT 2013
We'd be glad if you could suggest some topics of your interest since you
are from a Telco. I presume, as far as your topics cover Networking,
this list and other lists at bdNOG wouldaccommodate.
Regards,
ANIRUDDHA BARUA
Email: aniruddha.barua at colbd.com, cto at colbd.com
Cell: +880.1713.111222
Web: http://www.colbd.com
On 11/16/2013 9:11 AM, Md Ashifuzzaman wrote:
> Can anyone would remove me from the mailing list as I am not relevant with this topics.
>
>
>
> Thanks & Best Regards,
>
> Md Ashifuzzaman
> Information Technology
> Banglalink
> Mobile: +88 019 26662 488
>
> -----Original Message-----
> From: nog-bounces at bdnog.org [mailto:nog-bounces at bdnog.org] On Behalf Of Nurul Islam
> Sent: Saturday, November 16, 2013 5:21 AM
> To: Aniruddha Barua
> Cc: bdNOGNOG list
> Subject: Re: [bdNOG] Cisco VPN Router
>
> Upssssss. You are right Barua "not threats" but threads. Apology. I should disable autocorrect in my mail client. :)
>
> -Roman
>
>
>
> On 16/11/13 4:20 AM, "Aniruddha Barua" <aniruddha.barua at colbd.com> wrote:
>
>> Roman bhai,
>>
>> Threads. It would be threads. Not threats.;-)
>>
>> Regards,
>>
>> ANIRUDDHA BARUA
>> Email: aniruddha.barua at colbd.com, cto at colbd.com
>> Cell: +880.1713.111222
>> Web: http://www.colbd.com
>>
>>
>> On Nov 15, 2013, at 11:07 PM, Nurul Islam <nurul at apnic.net> wrote:
>>
>>> I think Momen's question is about the overlay VPN model (5/10 years
>>> ago) where CPE router create IPSec tunnel (customer data security
>>> purpose) and SP POP router need to create another tunnel (GRE/IPSec)
>>> to isolate their routing prefixes. Because several customer or SP
>>> infrastructure might use the same private address range. I think this
>>> overlay VPN model is replaced with MPLS L3 VPN where SP do not need
>>> to create any GRE/IPSec tunnel to isolate their routing prefix. SP
>>> now simply create VRF on the POP router and individual customer
>>> prefixes are isolated by VPNv4 address family etc etc.
>>>
>>> By asking "VRF instead of GRE on PE" if you mean MPLS L3/L2 VPN, then
>>> yes it is available in Dhaka. At least Pseudo-wire for sure. Is VPLS
>>> also available in Bangladesh?
>>>
>>> What is the required CPE hardware that is also discussed on other reply.
>>>
>>> Thanks to bdNOG community. Keep posting more threats and let everyone
>>> participate. We need active people to run our NOG.
>>>
>>> Regards
>>>
>>> Roman
>>>
>>>
>>> On 16/11/13 2:14 AM, "Md. Khairul Alam" <khairulbd at yahoo.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> I think the the technology using by the SP is not the main concern
>>>> of the banks. Banks should have own policy to secure the data
>>>> transmission between HO and branches. As a customer I must want the
>>>> maximum availability of the link from the SP and choose the security
>>>> technology in my routers.
>>>>
>>>> For small branches most are using 1900 series with K9 license I
>>>> guess and
>>>> 2900 series for larger bandwidth requirement.
>>>>
>>>> Thanks very much bdNOG for giving us the opportunity to share.
>>>>
>>>> BR//Khairul
>>>> --------------------------------------------
>>>> On Fri, 15/11/13, Aniruddha Barua <aniruddha.barua at colbd.com> wrote:
>>>>
>>>> Subject: Re: [bdNOG] Cisco VPN Router
>>>> To: "NOG list, bdNOG" <nog at bdnog.org>
>>>> Received: Friday, 15 November, 2013, 6:33 PM
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Dear Mr. Momen,
>>>>
>>>>
>>>>
>>>> I believe you are asking the question considering the entire
>>>> architecture, not just from the customer (Bank) or the provider (SP)
>>>> point of view. If a bank wants to connect their branch routers in
>>>> Layer 2 over SP network, the SP has to give them either GRE based
>>>> tunnels (Mikrotik's EoIP or PPTP-Bridge etc., are common technics)
>>>> or MPLS Layer 2 (EoMPLS, VPLS etc.). If a bank wants to connect the
>>>> branch routers in Layer 3 over SP network, the SP can give them
>>>> anything from simple routing (Static or Dynamic) to plain VRF (i.e.
>>>> VRF Lite) to MPLS Layer 3 to even dedicated fiber (this is too much
>>>> though!!).
>>>>
>>>>
>>>>
>>>> To maintain information security and confidentiality, regardless of
>>>> what the SP is providing in its infrastructure, the bank has to
>>>> encrypt-decrypt (mostly with
>>>> IPSec) its traffic in between its routers, which will pass through
>>>> either the Layer 2 tunnels or the Layer 3 routed paths provided by
>>>> the SP.
>>>>
>>>>
>>>>
>>>> My question to all is, should banks demand a specific technology
>>>> like VRF or MPLS or any other from the SP as long as their
>>>> requirements are met perfectly well by the SP using its current
>>>> technologies?
>>>>
>>>>
>>>>
>>>> bdNOG mailing list is on the jazz today. Regards to all,
>>>>
>>>>
>>>>
>>>> ANIRUDDHA BARUA
>>>>
>>>>
>>>>
>>>> Email: aniruddha.barua at colbd.com, cto at colbd.com
>>>>
>>>>
>>>>
>>>> Cell: +880.1713.111222
>>>>
>>>>
>>>>
>>>> Web: http://www.colbd.com
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------- Original Message
>>>> -----------
>>>>
>>>>
>>>> From: Abdul Momen <abdulmomen918 at gmail.com>
>>>>
>>>>
>>>>
>>>> To: ariful.islam at totalofftec.com
>>>>
>>>>
>>>>
>>>> Cc: nog-bounces at bdnog.org, "nog at bdnog.org"
>>>> <nog at bdnog.org>
>>>>
>>>>
>>>>
>>>> Sent: Fri, 15 Nov 2013 17:22:33 +1000
>>>>
>>>>
>>>>
>>>> Subject: Re: [bdNOG] Cisco VPN Router
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>> Thanks everyone.
>>>>
>>>>> I believe it is mostly ipsec (CPE
>>>> router) inside GRE(PE router)? Is it possible to get VRF instead of
>>>> GRE on PE router.
>>>>
>>>>
>>>>> Thanks & regards
>>>>
>>>>
>>>> Momen
>>>>
>>>>
>>>>> On Fri, Nov 15, 2013 at 4:37 PM, Arif @
>>>> TOTALOFFTEC
>>>> <ariful.islam at totalofftec.com>
>>>> wrote:
>>>>
>>>>
>>>> I have fortinet wifi router.
>>>>
>>>>
>>>> -arif- +8801678005123
>>>> . Apologies kept short sent from my BlackBerry® smartphone
>>>> - Airtel
>>>>
>>>>
>>>>
>>>>
>>>> -----Original Message-----
>>>>
>>>>
>>>> From: Nurul Islam <nurul at apnic.net>
>>>>
>>>>
>>>> Sender: nog-bounces at bdnog.org
>>>>
>>>>
>>>> Date: Fri, 15 Nov 2013 06:17:25
>>>>
>>>>
>>>> To: fakrul at dhakacom.com<fakrul at dhakacom.com>;
>>>> nog at bdnog.org<nog at bdnog.org>;
>>>> Abdul Momen<abdulmomen918 at gmail.com>
>>>>
>>>>
>>>> Subject: Re: [bdNOG] Cisco VPN Router
>>>>
>>>>
>>>>
>>>> Few more on the [UTF-8?]listÅ .MikroTik, Fortigate, What model? what
>>>> else?
>>>>
>>>>
>>>>
>>>> And obviously Cisco. (For the elite class I suppose. :).
>>>>
>>>>
>>>>
>>>> Regards
>>>>
>>>>
>>>>
>>>> -Roman
>>>>
>>>>
>>>>
>>>> On 15/11/13 3:42 PM, "Fakrul Alam" <fakrul at dhakacom.com>
>>>> wrote:
>>>>
>>>>
>>>>
>>>>
>>>>> Dear Mr Momen,
>>>>
>>>>
>>>>
>>>>> Ya, it's mainly 800 series with K9 bundle. I know
>>>> few banks who use
>>>> 1900
>>>>
>>>>
>>>>> series in metropolitan branches where there is higher
>>>> b/w & pps
>>>>
>>>>
>>>>> requirements.
>>>>
>>>>
>>>>
>>>>> Thanks
>>>>
>>>>
>>>>
>>>>> Fakrul Alam
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>> On 11/15/13, 6:29 AM, Abdul Momen wrote:
>>>>
>>>>>> Dear bdnog people,
>>>>
>>>>
>>>>
>>>>>> I have a quick question. What are the commonly used
>>>> VPN router used
>>>> in
>>>>
>>>>
>>>>>> the
>>>>
>>>>>> bank brunches in Dhaka. I guess CISCO831-K9 still
>>>> used in some
>>>> places.
>>>>
>>>>
>>>>>> Correct? What are other cost effective
>>>> alternatives.
>>>>
>>>>
>>>>
>>>>
>>>>>> Regards
>>>>
>>>>
>>>>
>>>>>> Momen
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>> _______________________________________________
>>>>
>>>>>> nog mailing list
>>>>
>>>>>> nog at bdnog.org
>>>>
>>>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>
>>>>
>>>>
>>>>> _______________________________________________
>>>>
>>>>> nog mailing list
>>>>
>>>>> nog at bdnog.org
>>>>
>>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>>
>>>>
>>>> nog mailing list
>>>>
>>>>
>>>> nog at bdnog.org
>>>>
>>>>
>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>
>>>>
>>>>
>>>>
>>>> ------- End of Original Message
>>>> -------
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> -----Inline Attachment Follows-----
>>>>
>>>> _______________________________________________
>>>> nog mailing list
>>>> nog at bdnog.org
>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>>>
>>>> _______________________________________________
>>>> nog mailing list
>>>> nog at bdnog.org
>>>> http://mailman.bdnog.org/mailman/listinfo/nog
>>> _______________________________________________
>>> nog mailing list
>>> nog at bdnog.org
>>> http://mailman.bdnog.org/mailman/listinfo/nog
> _______________________________________________
> nog mailing list
> nog at bdnog.org
> http://mailman.bdnog.org/mailman/listinfo/nog
> _______________________________________________
> nog mailing list
> nog at bdnog.org
> http://mailman.bdnog.org/mailman/listinfo/nog
More information about the nog
mailing list