we are handling an MPLS Network with the typical MPLS structure (P,PE,CE Router). We use34 MB Lines between the Core (P) Router and we use QoS at the P-Router for the different applications from the different VPNs.
Now we want to use IP Sec between the CE Routers. Can this cause problems with the QoS Feature and/or with the labeling of the packets ??
We also like to implement software compression for WAN Links on the Core Router (Cisco 7401). Does somebody know if this causes any problems for the labeled packets or for the Routers CPU Performance ??
What the MPLS network is "seeing" when using IPSec is in fact UDP& IP/AH or ESP traffic between CE routers (the source and destination of the IPSec traffic is from/to the CE routers as IPSec peers). Thus the MPLS network is not aware of the IPSec traffic.
Compression has always direct impact on performance. You should check exactly the HW specs for the platform used.
Also from the QoS perspective to be able to differentiate between different classes you should mark the IP traffic before encryption. IPSec is preserving the precedence bits from the original IP packet.. Thus marking should occur on CE routers according to your specific policy.
1. Introduction Internet security is important with the increasing
attacks that are happening every day. Many internet and browsing
security solutions exist, but some are not very easy to use or maybe the
question is how can I enable them? In this referen...
Cisco Software Manager Server API Guide This document describes the
programmatic interfaces, RESTful APIs, which are supported by Cisco
Software Manager Server (CSM Server). Overview CSM Server supports a set
of finite RESTful APIs. The first step to use ...
If you are using Cisco's new linux-based Cisco Software Manager server,
then you probably want to make sure there is a startup service for
it.I'll assume that you've already installed the CSM server on a
systemd-based linux system. The commands given belo...