On Wed, 2002-11-27 at 02:54, Michel Py wrote: > Mark, > > > Mark Smith > > 2) Globals and GUPIs - you don't want to rely on the > > stability of your allocated globals for your internal > > connectivity, so you roll out GUPI address space as well. > > GUPIs are used for your internal communications ie > > communications that doesn't travel across links that are > > part of the public Internet. > > This wording is confusing. If using tunnels, the endpoints can have > publicly routable addresses and the tunnel address itself can be GUPI. > Even frame-relay sometimes travels over IP.
This is a conceptual problem with tunnels, I struggled with it for quite a while in my previous job. The best way I've found to handle it is firstly think about the global routing requirements of the tunnel, and configure the tunnel end points. Once the tunnel is up, forget that there is a sub-VPN IP layer, and, from the point of the view of the attached network, just consider it to be a point-to-point layer 2 link with some slightly unusual transmission characteristics. In my above description, once you consider the VPN to be just a point to point internal link, the GUPI addressed packets do not travel across the public Internet. The outer encapsulating packets do though, but that is the nature of the "layer 2" link you are using. Regards, Mark. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
