Re: [IPsec] Is there any drafts or RFCs on solutions to RFC 7018 Auto-Discovery VPN Problem Statement and Requirements?

Linda Dunbar <linda.dunbar@futurewei.com> Mon, 18 May 2020 17:53 UTC

From: Linda Dunbar <linda.dunbar@futurewei.com>
To: "vishwas.ietf" <vishwas.ietf@gmail.com>, "ipsec@ietf.org WG" <ipsec@ietf.org>
Date: Mon, 18 May 2020 17:53:31 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/O5tluAg6ymud_CetF1rIzmlm4oU>

Vishwas,

Thank you very much for the link. The draft was dated Aug 2013.
Why didn’t it move forward?

Linda

From: vishwas.ietf <vishwas.ietf@gmail.com>
Sent: Monday, May 18, 2020 12:32 PM
To: Linda Dunbar <linda.dunbar@futurewei.com>; ipsec@ietf.org WG <ipsec@ietf.org>
Subject: RE: [IPsec] Is there any drafts or RFCs on solutions to RFC 7018 Auto-Discovery VPN Problem Statement and Requirements?

Linda,

There were 4 drafts written based on the existing state of the art at that time.

We created one as HP and H3C about 6 years back. Cisco had one too and so did others.
https://tools.ietf.org/html/draft-mao-ipsecme-ad-vpn-protocol-02

-Vishwas


-------- Original message --------
From: Linda Dunbar <linda.dunbar@futurewei.com>
Date: 5/18/20 10:13 AM (GMT-08:00)
To: "ipsec@ietf.org WG" <ipsec@ietf.org>
Subject: [IPsec] Is there any drafts or RFCs on solutions to RFC 7018 Auto-Discovery VPN Problem Statement and Requirements?

We are experiencing the problems described in RFC 7018 (Auto-Discovery VPN Problem Statement and Requirements), i.e. the problem of enabling a large number of peers (primarily gateways) to communicate directly using IPsec to protect the traffic between them.

Are there any drafts describing the solutions to the problems identified by RFC 7018?

Thank you very much,

Linda Dunbar