Date: Thu, 25 Jul 2002 12:10:37 -0700 (PDT) From: David Raistrick <drais@wow.atlasta.net> To: Mark Koskenmaki <bsdlists@nwbombers.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: PPPoE Message-ID: <Pine.BSF.4.21.0207251205200.60869-100000@wow.atlasta.net> In-Reply-To: <Pine.BSF.4.21.0207251153360.60869-100000@wow.atlasta.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 25 Jul 2002, David Raistrick wrote: > On Thu, 25 Jul 2002, Mark Koskenmaki wrote: > > Or, via a VPN. I have just never seen a VPN, but believed they put quite > > a bit of extra overhead on the network, reducing throughput. > > > > Now, am I shooting in the dark here, or what??? And just to follow up on my own post... I assume you're an ISP. In such a situation, as long as you're not selling your service as "secure" or anything..PPPoE should be fine. It's no more or less secure then anything ELSE on the internet, but does let you run your equipment in an unnumbered subnet to prevent access to your devices...including gateways. It CAN be spoofed, and it CAN be listened to....but so can telnet, pop3, http...If your customer needs/wants a secure connection (either to your CO or to another company), then sell them a strong encryption VPN solution. For everyone else, sell them easily-authenticated service. Hell, you can even sell by-the-seat to companies if things are configured right. (though when I designed a wireless network to do this, we were using a much less common wireless product....virtual aDSL almost. rfc1483 split horizon issues can be used to ones advantage.:) --- david raistrick drais@atlasta.net http://www.expita.com/nomime.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0207251205200.60869-100000>