Linda Dunbar <[email protected]> wrote: > When you said “IPs are sourced loopbacks that are part of a prefix > exported to the the isp(s) in each site”, do you mean that the private > Loopback addresses of CPE1 & CPE2 are routable in all four ISPs’ that > connected to A1, A2, B1, B2?
No, he is saying that the CPE1 and CPE2 are each using provider independent address space and are multihomed to ISP1/ISP2 and ISP3/ISP4 respectively. If the *private* addresss space of CPE1/CPE2 were visible to the ISPs, then it wouldn't really be a V*Private*N. Such things are common in MPLS, ATM, FrameRelay, and the newer L3VPN technologies that are sold as managed solutions. You need four IPsec SAs. They could be transport+GRE/IPIP tunnels rather than IPsec Tunnel model SAs with a routing protocol on-top though. -- Michael Richardson <[email protected]>, Sandelman Software Works -= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
