Re: [IPsec] clariciations for draft-sathyanarayan-ipsecme-advpn-03
Praveen Sathyanarayan <praveenys@juniper.net> Fri, 17 January 2014 17:01 UTC
Return-Path: <praveenys@juniper.net>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07B121AE125 for <ipsec@ietfa.amsl.com>; Fri, 17 Jan 2014 09:01:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G4YMUCqgTTEe for <ipsec@ietfa.amsl.com>; Fri, 17 Jan 2014 09:01:41 -0800 (PST)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe010.messaging.microsoft.com [216.32.180.30]) by ietfa.amsl.com (Postfix) with ESMTP id C62D21AE0DA for <ipsec@ietf.org>; Fri, 17 Jan 2014 09:01:40 -0800 (PST)
Received: from mail84-va3-R.bigfish.com (10.7.14.236) by VA3EHSOBE009.bigfish.com (10.7.40.29) with Microsoft SMTP Server id 14.1.225.22; Fri, 17 Jan 2014 17:01:27 +0000
Received: from mail84-va3 (localhost [127.0.0.1]) by mail84-va3-R.bigfish.com (Postfix) with ESMTP id E89BC26013B; Fri, 17 Jan 2014 17:01:27 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:157.56.240.101; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0510HT005.namprd05.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -24
X-BigFish: VPS-24(zzbb2dI98dI9371I1432Idb82hzz1f42h2148h208ch1ee6h1de0h1fdah2073h2146h1202h1e76h2189h1d1ah1d2ah1fc6hzz1de098h1033IL8275bh8275dh1de097h186068hz2fh109h2a8h839h944he5bhf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah224fh1d0ch1d2eh1d3fh1dc1h1dfeh1dffh1fe8h1ff5h209eh2216h22d0h2336h2438h2461h2487h1155h)
Received-SPF: pass (mail84-va3: domain of juniper.net designates 157.56.240.101 as permitted sender) client-ip=157.56.240.101; envelope-from=praveenys@juniper.net; helo=BL2PRD0510HT005.namprd05.prod.outlook.com ; .outlook.com ;
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009001)(679001)(689001)(779001)(51704005)(24454002)(189002)(199002)(377454003)(479174003)(74876001)(87936001)(31966008)(47446002)(76176001)(561944002)(15975445006)(74502001)(85852003)(83506001)(83072002)(81542001)(81342001)(74366001)(80022001)(81686001)(74706001)(77982001)(90146001)(85306002)(76786001)(87266001)(69226001)(4396001)(2656002)(56816005)(65816001)(74662001)(66066001)(47976001)(80976001)(63696002)(83322001)(51856001)(19580395003)(47736001)(54356001)(53806001)(49866001)(79102001)(19580405001)(50986001)(46102001)(93136001)(59766001)(76482001)(56776001)(76796001)(81816001)(54316002)(92566001)(92726001)(36756003)(93516002); DIR:OUT; SFP:1101; SCL:1; SRVR:CO2PR05MB668; H:CO2PR05MB665.namprd05.prod.outlook.com; CLIP:66.129.239.19; FPR:; RD:InfoNoRecords; MX:1; A:1; LANG:en;
Received: from mail84-va3 (localhost.localdomain [127.0.0.1]) by mail84-va3 (MessageSwitch) id 1389978084970129_11452; Fri, 17 Jan 2014 17:01:24 +0000 (UTC)
Received: from VA3EHSMHS028.bigfish.com (unknown [10.7.14.225]) by mail84-va3.bigfish.com (Postfix) with ESMTP id DF0166005D; Fri, 17 Jan 2014 17:01:24 +0000 (UTC)
Received: from BL2PRD0510HT005.namprd05.prod.outlook.com (157.56.240.101) by VA3EHSMHS028.bigfish.com (10.7.99.38) with Microsoft SMTP Server (TLS) id 14.16.227.3; Fri, 17 Jan 2014 17:01:24 +0000
Received: from CO2PR05MB668.namprd05.prod.outlook.com (10.141.230.25) by BL2PRD0510HT005.namprd05.prod.outlook.com (10.255.100.40) with Microsoft SMTP Server (TLS) id 14.16.395.1; Fri, 17 Jan 2014 17:01:24 +0000
Received: from CO2PR05MB665.namprd05.prod.outlook.com (10.141.230.11) by CO2PR05MB668.namprd05.prod.outlook.com (10.141.230.25) with Microsoft SMTP Server (TLS) id 15.0.842.7; Fri, 17 Jan 2014 17:01:22 +0000
Received: from CO2PR05MB665.namprd05.prod.outlook.com ([10.141.230.11]) by CO2PR05MB665.namprd05.prod.outlook.com ([10.141.230.11]) with mapi id 15.00.0851.011; Fri, 17 Jan 2014 17:01:22 +0000
From: Praveen Sathyanarayan <praveenys@juniper.net>
To: "Frederic Detienne (fdetienn)" <fdetienn@cisco.com>, "<ipsec@ietf.org> WG" <ipsec@ietf.org>
Thread-Topic: [IPsec] clariciations for draft-sathyanarayan-ipsecme-advpn-03
Thread-Index: AQHPEHmWVSfQ3H7ZOEi1TNp+NhtSp5qJGL6A//+Ln4A=
Date: Fri, 17 Jan 2014 17:01:21 +0000
Message-ID: <CEFEA13A.69906%praveenys@juniper.net>
In-Reply-To: <CDABA9E0-1655-4F48-AF9B-99C15EFB8EF9@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.0.121105
x-originating-ip: [66.129.239.19]
x-forefront-prvs: 0094E3478A
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1899104016FD034D96F15E5058FED499@namprd05.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Subject: Re: [IPsec] clariciations for draft-sathyanarayan-ipsecme-advpn-03
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2014 17:01:43 -0000
Hi Fred, All of our co-authors are currently busy, as we need to catch up with many post holidays pending works. We will get back to you soon. -- Praveen On 1/17/14 1:56 AM, "Frederic Detienne (fdetienn)" <fdetienn@cisco.com> wrote: >Hi, > >I would like to re-iterate the importance of clarifying the points below >as it is not possible to assess the performances, relevance and >interoperability of draft-sathyanarayan-ipsecme-advpn-03 at this stage - >- these are all important issues to potential users of this techology. > >Thank you, > > Frederic Detienne > > >On 13 Jan 2014, at 17:07, Frederic Detienne (fdetienn) ><fdetienn@cisco.com> wrote: > >> Hi, >> >> In reviewing the discussions over the past few weeks, there appear to >>be a number of issues concerning draft-sathyanarayan-ipsecme-advpn-03 >>that require further clarification. >> >> It would be useful for the working group if the following aspects of >>draft-sathyanarayan-ipsecme-advpn-03 were clarified: >> >> 1. scaling & general networking: >> 1.1 It does appear this proposal has a limit of 256 networks. Is this >>correct ? How do nodes negotiate SA's when there are more than 256 >>prefixes on each side ? For reference, RFC5996 does not offer the >>ability to negotiate more than 256 prefixes in the TSi TSr payloads. >> >> 1.2 What happens when a prefix administratively changes from behind >>one branch to another ? How do servers get notified about that ? >> >> 1.3 How is VLSM taken into consideration (Variable Length Subnet >>Masking). E.g. long prefix behind one branch and a short prefix behind >>another >> >> 1.4 How does a hub decide which Security Association to use when to >>spoke devices decide to advertise the same prefix ? >> >> 2. multicast: >> >> 2.1 There does not appear to be a specification of Multicast in this >>proposal. This is a key requirement for some of the ADVPN sponsors. How >>does multicast work ? >> >> 2.2 How are SA's negotiated and how do applications request multicast >>traffic to be sent ? >> >> 3.interoperability. draft-sathyanarayan-ipsecme-advpn-03 does not >>mention how a server/hub learns about networks behind other servers >> >> 3.1 what are the steps a server should take to establish a network with >>other servers >> >> 3.2 how is topology and reachability information exchanged between >>servers >> >> >> Thank you, >> >> Frederic Detienne >> _______________________________________________ >> IPsec mailing list >> IPsec@ietf.org >> https://www.ietf.org/mailman/listinfo/ipsec > >_______________________________________________ >IPsec mailing list >IPsec@ietf.org >https://www.ietf.org/mailman/listinfo/ipsec > >
- [IPsec] clariciations for draft-sathyanarayan-ips… Frederic Detienne (fdetienn)
- Re: [IPsec] clariciations for draft-sathyanarayan… Frederic Detienne (fdetienn)
- Re: [IPsec] clariciations for draft-sathyanarayan… Praveen Sathyanarayan
- Re: [IPsec] clariciations for draft-sathyanarayan… Frederic Detienne (fdetienn)
- Re: [IPsec] clariciations for draft-sathyanarayan… Praveen Sathyanarayan
- Re: [IPsec] clariciations for draft-sathyanarayan… Frederic Detienne (fdetienn)
- [IPsec] Moving prefixes -- clariciations for draf… Frederic Detienne (fdetienn)
- Re: [IPsec] Moving prefixes -- clariciations for … Praveen Sathyanarayan
- Re: [IPsec] Moving prefixes -- clariciations for … Yoav Nir
- Re: [IPsec] clariciations for draft-sathyanarayan… Timo Teras
- Re: [IPsec] Moving prefixes -- clariciations for … Frederic Detienne (fdetienn)
- Re: [IPsec] Moving prefixes -- clariciations for … Frederic Detienne (fdetienn)
- Re: [IPsec] Moving prefixes -- clariciations for … Praveen Sathyanarayan
- Re: [IPsec] Moving prefixes -- clariciations for … Frederic Detienne (fdetienn)
- Re: [IPsec] Moving prefixes -- clariciations for … Praveen Sathyanarayan
- Re: [IPsec] Moving prefixes -- clariciations for … Frederic Detienne (fdetienn)
- Re: [IPsec] clariciations for draft-sathyanarayan… Daniel Migault
- Re: [IPsec] clariciations for draft-sathyanarayan… Timo Teras
- Re: [IPsec] Moving prefixes -- clariciations for … Praveen Sathyanarayan
- Re: [IPsec] clariciations for draft-sathyanarayan… Daniel Migault
- Re: [IPsec] clariciations for draft-sathyanarayan… Timo Teras