> > > >> Is this behavior also observed in IPv4 implementations? > >In all environments. Even VXLAN/LISP data-center environments. > >> Also, is there serious consideration to using LISP as a VPN mechanism >>(as suggested in draft-ietf-lisp-impact-01 and >>draft-ietf-lisp-introduction-13). If so, this behavior should be >>mentioned in the Threats document. > >Yes, there are several large deployments and there was a use-case ID that >was written and has expired. > >Dino
Just a note that there is no VPN leak even if a PxTR is configured for the VPN and an EID doesn’t exist. The PxTR for a VRF has to be connected to the VRF in some manner and will only forward VRF traffic to/from the legacy VPN network and the LISP VPN network. This is a common method used for transitioning from another VPN model to LISP or for marrying different parts of a network. The PxTR acts just like an xTR for the non-LISP part of a VPN. Selina > >> >> Ron Bonica >> >> _______________________________________________ >> lisp mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/lisp > >_______________________________________________ >lisp mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/lisp _______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
