IETF Logo Mail Archive

Re: [IPsec] Issue #177

Yaron Sheffer <yaronf.ietf@gmail.com> Tue, 13 April 2010 10:17 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 15B7C3A6A29 for <ipsec@core3.amsl.com>; Tue, 13 Apr 2010 03:17:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gFsmKoftlkvy for <ipsec@core3.amsl.com>; Tue, 13 Apr 2010 03:17:41 -0700 (PDT)
Received: from mail-bw0-f217.google.com (mail-bw0-f217.google.com [209.85.218.217]) by core3.amsl.com (Postfix) with ESMTP id D14EE3A691F for <ipsec@ietf.org>; Tue, 13 Apr 2010 03:17:19 -0700 (PDT)
Received: by bwz9 with SMTP id 9so5560927bwz.29 for <ipsec@ietf.org>; Tue, 13 Apr 2010 03:17:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:subject:from:to:cc :in-reply-to:references:content-type:date:message-id:mime-version :x-mailer:content-transfer-encoding; bh=frbAAH0B2WnKSwoFoEidGqlqgJU6lbGCGBb2HYfiZtc=; b=goaY9pEaY7+d4tsg9RH8BOeEcdxHlYWcFfD2ehPHkfNy3EY1LMywMt972JKwrLWcdD 2fPxY6G8wNP5sZ4dccs8hlNqz2wqXgCCtbEUkluwIFsgzGQ/Si37gnAXeRUhUK7hewqh NYoEQNjTCg32MAVYQ4bUUHScfakUymYpjEfrU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:from:to:cc:in-reply-to:references:content-type:date :message-id:mime-version:x-mailer:content-transfer-encoding; b=dBQTqMwvxxl2TVNoQqeNcvuN7luydYYZhhtBr0qOvlE0RxT8KHIfoh0kQS/ealGs00 +E2laLJ0A3pk667YxfL2YrL7gkEpOyJQi9eS8E6QqpVusPBCF61w+61Scc1DYqNuOxR+ dPJtAxxDojHowRK4bNEneI7VzyUndEWhPuxGk=
Received: by 10.87.71.21 with SMTP id y21mr4824688fgk.69.1271153830427; Tue, 13 Apr 2010 03:17:10 -0700 (PDT)
Received: from [10.0.0.4] ([109.67.14.147]) by mx.google.com with ESMTPS id 28sm10505575fkx.6.2010.04.13.03.17.09 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 13 Apr 2010 03:17:10 -0700 (PDT)
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: Yoav Nir <ynir@checkpoint.com>
In-Reply-To: <1271150696.3977.11.camel@yaronf-linux>
References: <5168444B-8DBF-4638-B2E5-BDFD5F1F6BB8@checkpoint.com> <1271150696.3977.11.camel@yaronf-linux>
Content-Type: text/plain; charset="UTF-8"
Date: Tue, 13 Apr 2010 13:17:07 +0300
Message-ID: <1271153827.2090.0.camel@yaronf-linux>
Mime-Version: 1.0
X-Mailer: Evolution 2.28.1
Content-Transfer-Encoding: 7bit
Cc: "ipsec@ietf.org WG" <ipsec@ietf.org>
Subject: Re: [IPsec] Issue #177
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Apr 2010 10:17:45 -0000

Looks good. A few comments down below.

	Yaron

On Tue, 2010-04-13 at 11:49 +0300, Yoav Nir wrote:
> Hi all.
> 
> As the previous discussion on this topic showed, the WG would like a more thorough taxonomy in section 2 of the HA/LS draft. Here's what I have come up with so far. Please send comments to the list.
> 
> 2.  Terminology
> 
>    "Single Gateway" is an implementation of IKE and IPsec enforcing a
>    certain policy, as described in [RFC4301].
> 
>    "Cluster" is a set of two or more gateways, implementing the same
>    security policy, and protecting the same domain.  Clusters exist to
>    provide both high availability through redundancy, and scalability
>    through load sharing.
> 
>    "Member" is one gateway in a cluster.
> 
>    "High Availability" is a condition of a system, not a configuration
>    type.  A system is said to have high availability if its expected
>    down time is low.  High availability can be achieved in various ways,
>    one of which is clustering.  All the clusters described in this
>    document achieve high availability.
> 
>    "Fault Tolerance" is a condition related to high availability, where
>    a system maintains service availability, even when a specified set of
>    fault conditions occur.  In clusters, we expect the system to
>    maintain service availability, when one of the cluster members fails.

one or more

> 
>    "Completely Transparent Cluster" is a cluster where the occurence of
>    a fault is never visible to the peers.
> 
>    "Partially Transparent Cluster" is a cluster where the occurence of a
>    fault may be visible to the peers.
> 
>    "Hot Standby Cluster", or "HS Cluster" is a cluster where only one of
>    the members is active at any one time.  This member is also referred
>    to as the the "active", whereas the others are referred to as "stand-
>    bys".  [VRRP] is one method of building such a cluster.

[Please ignore if you're sick and tired of terminology discussions:] I
look at the term "hot standby" as contrasted with "warm/cold
standby" (see http://www.webopedia.com/TERM/H/hot_standby.html). This is
not what we mean here. Can we use "active-standby" instead?
> 
>    "Load Sharing Cluster", or "LS Cluster" is a cluster where more than
>    one of the members may be active at the same time.  The term "load
>    balancing" is also common, but it implies that the load is actually
>    balanced between the members, and we don't want to even imply that
>    this is a requirement.
> 
>    "Failover" is the event where a one member takes over some load from
>    some other member.  In a hot standby cluster, this hapens when a
>    standby memeber becomes active due to a failure of the former active
>    member, or because of an administrator command.  In a load sharing
>    cluster this usually happens because of a failure of one of the
>    members, but certain load-balancing technologies may allow a
>    particular load (an SA) to move from one member to another to even
>    out the load, even without any failures.

The parenthetical "an SA" implies that SAs are never shared between
members. I suggest that the initial definition of "cluster" mention
whether we expect IKE and IPsec SAs to be shared between members.

> 
>    "Tight Cluster" is a cluster where all the members share an IP
>    address.  This could be accomplished using configured interfaces with
>    specialized protocols or hardware, such as VRRP, or through the use
>    of multicast addresses, but in any case, peers need only be
>    configured with one IP address in the PAD.
> 
>    "Loose Cluster" is a cluster where each member has a different IP
>    address.  Peers find the correct member using some method such as DNS
>    queries or [REDIRECT].

Upon failure, members' IP addresses are reallocated to other members.

> 
>    "Synch Channel" is a communications channel among the cluster
>    members, used to transfer state information.  The synch channel may
>    or may not be IP based, may or may not be encrypted, and may work
>    over short or long distances.  The security and physical
>    characteristics of this channel are out of scope for this document,
>    but it is a requirement that its use be minimized for scalability.
> 
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec

v2.23.0 | Report a Bug | By Email