Which two statements best describe the implementation of Overlay VPN connectivity for remote access in the Enterprise Edge WAN module?

Which two statements best describe the implementation of Overlay VPN connectivity for remote access in the Enterprise Edge WAN module? (Choose two.)

Which two statements best describe the implementation of Overlay VPN connectivity for remote access in the Enterprise Edge WAN module? (Choose two.)

A.
Bandwidth is provisioned on a site-to-site basis.

B.
It uses dedicated point-to-point links.

C.
Optimum routing between customer sites requires a full mesh of virtual circuits.

D.
It must use Layer 2 labels to forward packets

E.
The ISP actively participates in customer routing.

Explanation:
Explanation

Network-Layer VPNs
The network layer in the TCP/IP protocol suite consists of the IP routing system–how reachability information is conveyed from one point in the network to another. There are a few methods to construct VPNs within the network layer; each is examined in the following paragraphs. A brief overview of non-IP VPNs is provided in Part II of this article.A brief overview of the differences in the "peer" and "overlay" VPN models is appropriate at this point. Simply put, the "peer" VPN model is one in which the network-layer forwarding path computation is done on a hop-by-hop basis, where each node in the intermediate data transit path is a peer with a next-hop node. Traditional routed networks are examples of peer models, where each router in the network path is a peer with its next-hop adjacencies. Alternatively, the "overlay" VPN model is one in which the network-layer forwarding path is not done on a hop-by-hop basis, but rather, the intermediate link- layer network is used as a "cut-through" to another edge node on the other side of a large cloud. Examples of "overlay" VPN models include ATM, Frame Relay, and tunneling implementations.Having drawn these simple distinctions between the peer and overlay models, it should be noted that the overlay model introduces some serious scaling concerns in cases where large numbers of egress peers are required because the number of adjacencies increases in direct proportion to the number of peers–the amount of computational and performance overhead required to maintain routing state, adjacency information, and other detailed packet forwarding and routing information for each peer becomes a liability in very large networks. If all the egress nodes in a cut-through network become peers in an effort to make all egress nodes one "Layer 3" hop away from one another, the scalability of the VPN overlay model is limited quite remarkably.

The Internet Protocol Journal – Volume 1, No. 1
What Is a VPN? – Part I

http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-1/what_is_a_vpn.html



Leave a Reply 0

Your email address will not be published. Required fields are marked *