[bess] IPSec Tunnels and draft-sajassi-bess-secure-evpn
Susan Hares <shares@ndzh.com> Tue, 28 July 2020 15:30 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0D663A109E for <bess@ietfa.amsl.com>; Tue, 28 Jul 2020 08:30:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.215
X-Spam-Level: *
X-Spam-Status: No, score=1.215 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.267, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id smCvpq68ONxC for <bess@ietfa.amsl.com>; Tue, 28 Jul 2020 08:30:26 -0700 (PDT)
Received: from hickoryhill-consulting.com (50-245-122-97-static.hfc.comcastbusiness.net [50.245.122.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8D383A0E54 for <bess@ietf.org>; Tue, 28 Jul 2020 08:29:42 -0700 (PDT)
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=50.107.100.94;
From: Susan Hares <shares@ndzh.com>
To: "'Ali Sajassi (sajassi)'" <sajassi@cisco.com>, bess@ietf.org
Cc: "'Hu, Jun (Nokia - US/Mountain View)'" <jun.hu@nokia.com>
Date: Tue, 28 Jul 2020 11:29:17 -0400
Message-ID: <007f01d664f3$e2b14ff0$a813efd0$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0080_01D664D2.5BA491F0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdZk8izhjCdDx5/XSYuR36KvQpfiTA==
Content-Language: en-us
X-Antivirus: AVG (VPS 200728-4, 07/28/2020), Outbound message
X-Antivirus-Status: Not-Tested
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/6EK7kAJSiHWA9QLxbWGx74Uf7vE>
Subject: [bess] IPSec Tunnels and draft-sajassi-bess-secure-evpn
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jul 2020 15:30:35 -0000
Ali and bess WG: IDR has 3 proposals for IPsec tunnels that impact draft-ietf-idr-tunnel-encaps-17.txt. As an IDR co-chair/shepherd, I have been discussing these three drafts (Ali and two other authors sets) to try to find out if we can have one general solutions. The discussion has been very fruitful to point up BGP issues of interoperability, security, privacy, manageability, and scaling. For example, there is a lack of a clear specification between RFC6514 (PMSI tunnel attribute) and the tunnel-encaps draft that specifies how these drafts interoperate. I suspect the bess and idr chairs will need to discuss if tunnel-encaps has to address this point. I wrote up my ideas in draft-hares-idr-bgp-ipsec-analysis-00.txt so the authors could tell me what I misunderstood. You'll find this draft stops half way. I have the rest of the draft written, but I wanted feedback from all the author teams before sending it out. After hearing some of the details from the authors, I would like to sponsor an IDR interim so we could discuss these issues at length. If you think this is a good idea, please let me know. One other thing. unfortunately, I scheduled a set of meetings for EDT time after IETF meetings this week. Your next response will occur from 11-16 UTC on Wednesday. Cheerily, Sue
- [bess] IPSec Tunnels and draft-sajassi-bess-secur… Susan Hares
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… Ali Sajassi (sajassi)
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… Susan Hares
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… Ali Sajassi (sajassi)
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… Rabadan, Jorge (Nokia - US/Mountain View)
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… Susan Hares
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… John E Drake
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… Susan Hares
- Re: [bess] IPSec Tunnels and draft-sajassi-bess-s… Rabadan, Jorge (Nokia - US/Mountain View)