Re: [IPsec] One comment to this draft//Fwd: I-D Action: draft-ietf-ipsecme-ad-vpn-problem-06.txt

Paul Hoffman <paul.hoffman@vpnc.org> Sat, 27 April 2013 14:58 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E85521F98A7 for <ipsec@ietfa.amsl.com>; Sat, 27 Apr 2013 07:58:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tZi6V5DBf0mS for <ipsec@ietfa.amsl.com>; Sat, 27 Apr 2013 07:58:00 -0700 (PDT)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id 9DEA321F98A3 for <ipsec@ietf.org>; Sat, 27 Apr 2013 07:58:00 -0700 (PDT)
Received: from [10.20.30.90] (50-1-98-173.dsl.dynamic.sonic.net [50.1.98.173]) (authenticated bits=0) by hoffman.proper.com (8.14.5/8.14.5) with ESMTP id r3REvq89073300 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sat, 27 Apr 2013 07:57:53 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Content-Type: text/plain; charset=iso-8859-1
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <CAPPa=knYfWjqfGEhXrFNafhfKuOrMKM-VPC8zGJj+FYy64-FHQ@mail.gmail.com>
Date: Sat, 27 Apr 2013 07:57:52 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <0C678C21-ECDD-4249-9DBB-B120DEE8613F@vpnc.org>
References: <CAPPa=knYfWjqfGEhXrFNafhfKuOrMKM-VPC8zGJj+FYy64-FHQ@mail.gmail.com>
To: Toby Mao <yumao9@gmail.com>
X-Mailer: Apple Mail (2.1503)
Cc: IPsecme WG <ipsec@ietf.org>, "maoyu@h3c.com" <maoyu@h3c.com>
Subject: Re: [IPsec] One comment to this draft//Fwd: I-D Action: draft-ietf-ipsecme-ad-vpn-problem-06.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Apr 2013 14:58:01 -0000

These requirements might be useful to add in the next draft, but they need to be refined.

On Apr 26, 2013, at 8:10 PM, Toby Mao <yumao9@gmail.com> wrote:

> The ADVPN solution SHOULD be able to implement Quality of Service (QoS) to regulate the traffic in the ADVPN topology.

Why is this statement needed? Do you see situations where an ADVPN solution would be *prevented* from implementing some sort of QoS because it was an ADVPN?

> ADVPN peer SHOULD NOT send excessive traffic to the other members of ADVPN.

How would you define "excessive"? Where would that measurement be done?

> The traffic for each ADVPN peer CAN be measured individually for shaping and policing.

Why is this statement needed? Do you see situations where an ADVPN solution would be *prevented* from measuring individually?

--Paul Hoffman