Clarification needed on ATM

Anthony D Cennami acennami at netscape.net
Thu Jun 6 13:05:58 UTC 2002


You are only nailing the PVP/PVC to your physical port.  The provider 
almost certainly has sPVP/C's to route througout their actual ATM 
backbone, each of those routes with a destination NSAP of your ATM port 
(the port that terminates your physical link)

I'm not sure how this raises any security issue since any traffic that 
you feel should remain secure must be encrypted long before it reaches 
your carriers transit backbone.

Were these statically mapped (which I might add would be a horrific job 
for the network engineers and admins at a carrier) then one link failing 
in between any of your facilities would cause the entire PVP/C to 
collapse.  sPVP/C's on NNI links are very common and 
beneficial/necessary to continuity on an ATM network.





Rich Sena wrote:
> OK - sorry if this is elementary - however I am dealing with a challenge
> to the security of some ATM links that we have connecting remote
> facilities to a main campus.  The connections are all PVPs with individual
> PVCs defined point to point.  The concern that is being raised is that
> although these connections appear point-to-point PVCs to the router
> interfaces at our sites and our main campus - they are more than likely
> switched SVCs on the provider backbone...
> 
> I had thought that a PVC was a nailed up connection between vpi-vci pairs
> throughout the provider ATM network - is that an incorrect assumption? And
> if so is the scenario that was raised possible/probable and a concern?
> 
> Thanks for any info kids...
> 






More information about the NANOG mailing list