Hi everyone,
Please note that most of the discussion in Maastricht will be around
this draft, so you are strongly encouraged to read it.
For those who cannot make it to Holland, please use the IETF audio
streaming to listen in, and Jabber to participate in real time. More
details here: http://www.ietf.org/meeting/78/remote-participation.html.
We will *not* have WebEX for IPsecME this time.
Thanks,
Yaron
On 07/19/2010 01:24 PM, Raj Singh wrote:
Hi Group,
We have come up with new version of the "IPsec Cluster Solution"draft
addressing comments which we got, the new version can be find here:
http://trac.tools.ietf.org/wg/ipsecme/trac/wiki/TempDocs.
<http://trac.tools.ietf.org/wg/ipsecme/trac/wiki/TempDocs>
We will submit the draft as soon as submission window re-opens.
Please read the draft and give you comments before Maastricht meeting.
Regards,
Raj
On Sun, Jul 11, 2010 at 4:39 PM, Raj Singh <rsjen...@gmail.com
<mailto:rsjen...@gmail.com>> wrote:
Hi Group,
We would like to present the HA design team's output for IPsec
Cluster Solution Draft before Maastricht meeting as
http://tools.ietf.org/id/draft-kagarigi-ipsecme-ikev2-windowsync-03.txt
This draft solves the main issues of IPsec Cluster Problem Statement
draft using a simple IKEv2 protocol extension, and provides
implementation advice for other issues.
I sincerely thanks all the team members of HA Design Team for
attending all internal meetings and giving their valuable inputs and
doing reviews.
My special thanks to Yaron and Yoav for their expert inputs and
comments. I would also like to thanks Paul for providing TeamSpeak
server for conducting internal design team meetings.
The team started with these draft as inputs.
1.
http://tools.ietf.org/html/draft-kagarigi-ipsecme-ikev2-windowsync-00 -
G. Kalyani
2.
http://www.ietf.org/id/draft-arora-ipsecme-ikev2-alt-tunnel-addresses-00.txt
J. Arora
3. http://www.ietf.org/id/draft-ietf-ipsecme-ipsec-ha-09.txt - Y.
Nir - As Input
The current draft is based on [1], then it got enhanced and extended
with all team's contribution.
The problem and solution presented in [2], is more towards load
balancing than HA cluster.
Also this problem can be solved using IKEv2 REDIRECT mechanism.
Also, this solution requires IKEv2
protocol change. So, this is deferred for now.
I request the IPsecME group members to review and give comments on
http://tools.ietf.org/id/draft-kagarigi-ipsecme-ikev2-windowsync-03.txt,
so that we can discuss this draft with more details in Maastricht
meeting.
Regards,
Raj Singh
On Fri, Jun 18, 2010 at 11:56 AM, Yaron Sheffer
<yaronf.i...@gmail.com <mailto:yaronf.i...@gmail.com>> wrote:
Hi,
As promised, we have started a design team on IPsec HA. Paul and
I have asked Raj Singh to lead the team. His job is to make sure
that the team meets regularly in the next few weeks, and
produces a good output document before the Maastricht
face-to-face meeting.
The initial membership of the team is:
- Raj Singh (rsjen...@gmail.com <mailto:rsjen...@gmail.com>, lead)
- Jitender Arora (jar...@acmepacket.com
<mailto:jar...@acmepacket.com>)
- Min Huang (huang...@huaweisymantec.com
<mailto:huang...@huaweisymantec.com>)
- Dacheng Zhang (zhangdach...@huawei.com
<mailto:zhangdach...@huawei.com>)
- Yoav Nir (y...@checkpoint.com <mailto:y...@checkpoint.com>)
- Yaron Sheffer (yaronf.i...@gmail.com
<mailto:yaronf.i...@gmail.com>, observer)
According to IETF rules (see
http://www.ietf.org/iesg/statement/design-team.htm), every
design team needs to have a mission statement. So here it is:
Produce a high-level solution document that covers most or all
of the issues raised by the HA problem statement
(draft-ietf-ipsecme-ipsec-ha). Any solution should be applicable
to different deployments, in order to accommodate the variety of
existing and future IPsec products. Solutions should have a
similar level of security as the IKE/IPsec suite.
Another process reminder: the design team's output serves as
input to the full WG, essentially like an individual draft. So
all protocol decisions will eventually be made by the working group.
Thanks,
Yaron
_______________________________________________
IPsec mailing list
IPsec@ietf.org <mailto:IPsec@ietf.org>
https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
