Hi Group, We would like to present the HA design team's output for IPsec Cluster Solution Draft before Maastricht meeting as http://tools.ietf.org/id/draft-kagarigi-ipsecme-ikev2-windowsync-03.txt
This draft solves the main issues of IPsec Cluster Problem Statement draft using a simple IKEv2 protocol extension, and provides implementation advice for other issues. I sincerely thanks all the team members of HA Design Team for attending all internal meetings and giving their valuable inputs and doing reviews. My special thanks to Yaron and Yoav for their expert inputs and comments. I would also like to thanks Paul for providing TeamSpeak server for conducting internal design team meetings. The team started with these draft as inputs. 1. http://tools.ietf.org/html/draft-kagarigi-ipsecme-ikev2-windowsync-00 - G. Kalyani 2. http://www.ietf.org/id/draft-arora-ipsecme-ikev2-alt-tunnel-addresses-00.txtJ. Arora 3. http://www.ietf.org/id/draft-ietf-ipsecme-ipsec-ha-09.txt - Y. Nir - As Input The current draft is based on [1], then it got enhanced and extended with all team's contribution. The problem and solution presented in [2], is more towards load balancing than HA cluster. Also this problem can be solved using IKEv2 REDIRECT mechanism. Also, this solution requires IKEv2 protocol change. So, this is deferred for now. I request the IPsecME group members to review and give comments on http://tools.ietf.org/id/draft-kagarigi-ipsecme-ikev2-windowsync-03.txt, so that we can discuss this draft with more details in Maastricht meeting. Regards, Raj Singh On Fri, Jun 18, 2010 at 11:56 AM, Yaron Sheffer <yaronf.i...@gmail.com>wrote: > Hi, > > As promised, we have started a design team on IPsec HA. Paul and I have > asked Raj Singh to lead the team. His job is to make sure that the team > meets regularly in the next few weeks, and produces a good output document > before the Maastricht face-to-face meeting. > > The initial membership of the team is: > > - Raj Singh (rsjen...@gmail.com, lead) > > - Jitender Arora (jar...@acmepacket.com) > - Min Huang (huang...@huaweisymantec.com) > - Dacheng Zhang (zhangdach...@huawei.com) > - Yoav Nir (y...@checkpoint.com) > - Yaron Sheffer (yaronf.i...@gmail.com, observer) > > According to IETF rules (see > http://www.ietf.org/iesg/statement/design-team.htm), every design team > needs to have a mission statement. So here it is: > > Produce a high-level solution document that covers most or all of the > issues raised by the HA problem statement (draft-ietf-ipsecme-ipsec-ha). Any > solution should be applicable to different deployments, in order to > accommodate the variety of existing and future IPsec products. Solutions > should have a similar level of security as the IKE/IPsec suite. > > Another process reminder: the design team's output serves as input to the > full WG, essentially like an individual draft. So all protocol decisions > will eventually be made by the working group. > > Thanks, > Yaron > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec >
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
