[IPsec] I-D Action:draft-ietf-ipsecme-ipsecha-protocol-02.txt
Internet-Drafts@ietf.org Mon, 25 October 2010 12:45 UTC
Return-Path: <root@core3.amsl.com>
X-Original-To: ipsec@ietf.org
Delivered-To: ipsec@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 0) id 326A43A685E; Mon, 25 Oct 2010 05:45:01 -0700 (PDT)
From: Internet-Drafts@ietf.org
To: i-d-announce@ietf.org
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
Message-Id: <20101025124502.326A43A685E@core3.amsl.com>
Date: Mon, 25 Oct 2010 05:45:01 -0700
Cc: ipsec@ietf.org
Subject: [IPsec] I-D Action:draft-ietf-ipsecme-ipsecha-protocol-02.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Oct 2010 12:45:02 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Security Maintenance and Extensions Working Group of the IETF. Title : Protocol Support for High Availability of IKEv2/IPsec Author(s) : R. Jenwar, et al. Filename : draft-ietf-ipsecme-ipsecha-protocol-02.txt Pages : 19 Date : 2010-10-25 The IPsec protocol suite is widely used for the deployment of virtual private networks (VPNs). In order to make such VPNs highly available, more scalable and failure-resistant, these VPNs are implemented as IPsec High Availability (HA) clusters. However there are many issues in IPsec HA clustering, and in particular in IKEv2 clustering. An earlier document, "IPsec Cluster Problem Statement", enumerates the issues encountered in the IKEv2/IPsec HA cluster environment. This document attempts to resolve these issues with the least possible change to the protocol. This document proposes an extension to the IKEv2 protocol to solve the main issues of "IPsec Cluster Problem Statement" in the commonly deployed hot-standby cluster, and provides implementation advice for other issues. The main issues to be solved are the synchronization of IKEv2 Message ID counters, and of IPsec Replay Counters. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-ipsecha-protocol-02.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.
- [IPsec] I-D Action:draft-ietf-ipsecme-ipsecha-pro… Internet-Drafts