[166595] in North American Network Operators' Group
Re: large scale ipsec
daemon@ATHENA.MIT.EDU (Paul Stewart)
Fri Nov 1 10:32:22 2013
Date: Fri, 01 Nov 2013 10:31:52 -0400
From: Paul Stewart <paul@paulstewart.org>
To: <nanog@nanog.org>
In-Reply-To: <20131101133838.GV21002@netmeister.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Can you give us an idea of =E2=80=9Clarge scale=E2=80=9D in your mind? Also, site to s=
ite
deployments or remote access or both?
Paul
On 11/1/2013, 9:38 AM, "Jan Schaumann" <jschauma@netmeister.org> wrote:
>Hello,
>
>Who here on this list has deployed IPSec or other comparable lower layer
>encryption in a large scale environment, or attempted to do so?
>
>I've repeatedly heard claims that doing so is not feasible (either
>operationally or financially), but I have not seen any specific studies,
>reports, numbers or anything else to support this. Of course I haven't
>seen anything proving the opposite, either, which is why I'm reaching
>out here on this list.
>
>What was your experience, and what alternatives have you considered? If
>your findings were made longer than, say, 5 years ago, what might have
>changed to change the results?
>
>-Jan
