A Framework for IP Based Virtual Private Networks

This document describes a framework for Virtual Private Networks (VPNs) running across IP backbones. It discusses the different types of VPNs and their respective requirements, and proposes specific mechanisms that could be used to implement each type of VPN using existing or proposed specifications. The objective of this document is to serve as a framework for related protocol development, in order to develop the full set of specifications required for widespread deployment of interoperable VPN solutions.
