Return-Path: <yumao9@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
 with ESMTP id 7F10321F8EC1 for <ipsec@ietfa.amsl.com>;
 Thu,  2 May 2013 08:08:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5
 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XgyNewuK2mE5 for
 <ipsec@ietfa.amsl.com>; Thu,  2 May 2013 08:08:15 -0700 (PDT)
Received: from mail-ea0-x236.google.com (mail-ea0-x236.google.com
 [IPv6:2a00:1450:4013:c01::236]) by ietfa.amsl.com (Postfix) with ESMTP id
 5EDBB21F8BE4 for <ipsec@ietf.org>; Thu,  2 May 2013 08:08:15 -0700 (PDT)
Received: by mail-ea0-f182.google.com with SMTP id z16so335094ead.41 for
 <ipsec@ietf.org>; Thu, 02 May 2013 08:08:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:x-received:in-reply-to:references:date:message-id
 :subject:from:to:cc:content-type;
 bh=QRNxJXEbVjs1pApAEw/3TONEFmccSa7uXbgOkIa61co=;
 b=k3cP78j0IB/obTDRIfYMFq0yb5bSmruL+IYVF/7EuAY87L4BzBq2hDsLLQrVxUEoio
 pRdqu63J7Hpod6Y7zqDsz3bUMd5L2Rctr2W+qh2rP7qE79SbexImFEKPL8BI9fisitA3
 AioqcFWWt6lojDdlD7vPBC+mgvGGSpJ2ZHADUPJiLb1fQbKtKXg9jVEPdB9mKUn3hB2r
 cav1MtagFFLU/qji5/mkqPr0z2VkSNvFbrb2NCklwyf7EIppi3M2V8gQmX7xidHlGHqA
 DRGizjIWooqfsnBZXJOPuZ1mIuZXLViO6OpeahDCw1ysEK0DRF3qeNRlwlRDxBARh1+Y NVeg==
MIME-Version: 1.0
X-Received: by 10.14.213.67 with SMTP id z43mr20579922eeo.16.1367507294419;
 Thu, 02 May 2013 08:08:14 -0700 (PDT)
Received: by 10.223.182.8 with HTTP; Thu, 2 May 2013 08:08:14 -0700 (PDT)
In-Reply-To: <CAOyVPHSmRrHp6YAWm_306QNVJu83goa2HCnSvj5jk1wB5+UWow@mail.gmail.com>
References: <CAPPa=knYfWjqfGEhXrFNafhfKuOrMKM-VPC8zGJj+FYy64-FHQ@mail.gmail.com>
 <0C678C21-ECDD-4249-9DBB-B120DEE8613F@vpnc.org>
 <CAOyVPHSmRrHp6YAWm_306QNVJu83goa2HCnSvj5jk1wB5+UWow@mail.gmail.com>
Date: Thu, 2 May 2013 23:08:14 +0800
Message-ID: <CAPPa=k=a68ogmQY0tEM+zh9mTFEAjKYq5VVzD5X6i9MGZbHdjw@mail.gmail.com>
From: Toby Mao <yumao9@gmail.com>
To: Vishwas Manral <vishwas.ietf@gmail.com>
Content-Type: multipart/alternative; boundary=047d7b603bac831fa504dbbd9abc
Cc: IPsecme WG <ipsec@ietf.org>, "maoyu@h3c.com" <maoyu@h3c.com>,
 Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [IPsec] One comment to this draft//Fwd: I-D Action:
 draft-ietf-ipsecme-ad-vpn-problem-06.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>,
 <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>,
 <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2013 15:08:16 -0000

--047d7b603bac831fa504dbbd9abc
Content-Type: text/plain; charset=ISO-8859-1

Hi Vishwas:

I agree with you.  The Qos implementation in ADVPN is not different with
traditional IPsec VPN at all, and this requirement is to specify Qos policy
for each ADVPN peer in the hub.

Best regards,

Toby


On Mon, Apr 29, 2013 at 12:00 PM, Vishwas Manral <vishwas.ietf@gmail.com>wrote:

> Hi Toby,
>
> I absolutely understand the rational of where you are coming from. I agree
> with questions raised by Paul - we need to be characterize the requirement
> a bit further.
>
> I know QoS is important especially if there is an overload of traffic with
> multiple different use cases. However do we see it any different from any
> other VPN we currently run? I agree policing, shaping, marking etc are
> mechanisms to implement QoS and are important. May be the requirement would
> be to specify the capability to do fine grained QoS on a per peer basis on
> the Hub. Sounds reasonable?
>
> Thanks,
> Vishwas
>
>
> On Sat, Apr 27, 2013 at 8:27 PM, Paul Hoffman <paul.hoffman@vpnc.org>wrote:
>
>> These requirements might be useful to add in the next draft, but they
>> need to be refined.
>>
>> On Apr 26, 2013, at 8:10 PM, Toby Mao <yumao9@gmail.com> wrote:
>>
>> > The ADVPN solution SHOULD be able to implement Quality of Service (QoS)
>> to regulate the traffic in the ADVPN topology.
>>
>> Why is this statement needed? Do you see situations where an ADVPN
>> solution would be *prevented* from implementing some sort of QoS because it
>> was an ADVPN?
>>
>> > ADVPN peer SHOULD NOT send excessive traffic to the other members of
>> ADVPN.
>>
>> How would you define "excessive"? Where would that measurement be done?
>>
>> > The traffic for each ADVPN peer CAN be measured individually for
>> shaping and policing.
>>
>> Why is this statement needed? Do you see situations where an ADVPN
>> solution would be *prevented* from measuring individually?
>>
>> --Paul Hoffman
>> _______________________________________________
>> IPsec mailing list
>> IPsec@ietf.org
>> https://www.ietf.org/mailman/listinfo/ipsec
>>
>
>

--047d7b603bac831fa504dbbd9abc
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><p class=3D""><span lang=3D"EN-US" style=3D"color:rgb(31,7=
3,125)"><font face=3D"arial, helvetica, sans-serif">Hi Vishwas:</font></spa=
n></p><p class=3D"" style=3D"text-indent:15.75pt"><span lang=3D"EN-US" styl=
e=3D"color:rgb(31,73,125)"><font face=3D"arial, helvetica, sans-serif">I ag=
ree with you. =A0The Qos implementation in ADVPN is not different with trad=
itional IPsec VPN at all, and this requirement is to specify Qos policy for=
 each ADVPN peer in the hub.</font></span></p>
<p class=3D""><span lang=3D"EN-US" style=3D"color:rgb(31,73,125)"><font fac=
e=3D"arial, helvetica, sans-serif">Best regards,</font></span></p><p class=
=3D"" style><span lang=3D"EN-US" style=3D"color:rgb(31,73,125)"><font face=
=3D"arial, helvetica, sans-serif">Toby</font></span></p>
<p class=3D"" style><span lang=3D"EN-US" style=3D"color:rgb(31,73,125)"><fo=
nt face=3D"arial, helvetica, sans-serif"><br></font></span></p><div class=
=3D"gmail_extra"><div class=3D"gmail_quote">On Mon, Apr 29, 2013 at 12:00 P=
M, Vishwas Manral <span dir=3D"ltr">&lt;<a href=3D"mailto:vishwas.ietf@gmai=
l.com" target=3D"_blank">vishwas.ietf@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div>Hi Toby,</div><div>=A0=
</div><div>I absolutely understand the rational of where you are coming fro=
m. I agree with questions raised by Paul - we need to be characterize the r=
equirement a bit further.=A0</div>

<div>=A0</div><div>I know=A0QoS is important especially if there is an over=
load of traffic with multiple different use cases. However do we see it any=
 different from any other VPN we currently run? I agree policing, shaping, =
marking etc=A0are mechanisms to implement QoS and are important. May be the=
 requirement would be to specify the capability to do fine grained QoS on a=
 per peer basis on the Hub. Sounds reasonable?</div>

<div>=A0</div><div>Thanks,</div><div>Vishwas</div></div><div class=3D"gmail=
_extra"><br><br><div class=3D"gmail_quote"><div><div class=3D"h5">On Sat, A=
pr 27, 2013 at 8:27 PM, Paul Hoffman <span dir=3D"ltr">&lt;<a href=3D"mailt=
o:paul.hoffman@vpnc.org" target=3D"_blank">paul.hoffman@vpnc.org</a>&gt;</s=
pan> wrote:<br>

</div></div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;bo=
rder-left:1px #ccc solid;padding-left:1ex"><div><div class=3D"h5">These req=
uirements might be useful to add in the next draft, but they need to be ref=
ined.<br>

<div><br>
On Apr 26, 2013, at 8:10 PM, Toby Mao &lt;<a href=3D"mailto:yumao9@gmail.co=
m" target=3D"_blank">yumao9@gmail.com</a>&gt; wrote:<br>
<br>
&gt; The ADVPN solution SHOULD be able to implement Quality of Service (QoS=
) to regulate the traffic in the ADVPN topology.<br>
<br>
</div>Why is this statement needed? Do you see situations where an ADVPN so=
lution would be *prevented* from implementing some sort of QoS because it w=
as an ADVPN?<br>
<div><br>
&gt; ADVPN peer SHOULD NOT send excessive traffic to the other members of A=
DVPN.<br>
<br>
</div>How would you define &quot;excessive&quot;? Where would that measurem=
ent be done?<br>
<div><br>
&gt; The traffic for each ADVPN peer CAN be measured individually for shapi=
ng and policing.<br>
<br>
</div>Why is this statement needed? Do you see situations where an ADVPN so=
lution would be *prevented* from measuring individually?<br>
<span><font color=3D"#888888"><br>
--Paul Hoffman<br>
</font></span></div></div><div class=3D"im"><div><div>_____________________=
__________________________<br>
IPsec mailing list<br>
<a href=3D"mailto:IPsec@ietf.org" target=3D"_blank">IPsec@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/ipsec" target=3D"_blank">h=
ttps://www.ietf.org/mailman/listinfo/ipsec</a><br>
</div></div></div></blockquote></div><br></div>
</blockquote></div><br></div></div>

--047d7b603bac831fa504dbbd9abc--