[L1vpn] Re: Comment on draft-ietf-l1vpn-framework-02
Tomonori TAKEDA <takeda.tomonori@lab.ntt.co.jp> Tue, 02 May 2006 13:57 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FavNR-0008BW-Rm; Tue, 02 May 2006 09:57:21 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FavNR-0008BR-63 for l1vpn@ietf.org; Tue, 02 May 2006 09:57:21 -0400
Received: from tama5.ecl.ntt.co.jp ([129.60.39.102]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FavNQ-00055r-63 for l1vpn@ietf.org; Tue, 02 May 2006 09:57:21 -0400
Received: from vcs3.rdh.ecl.ntt.co.jp (vcs3.rdh.ecl.ntt.co.jp [129.60.39.110]) by tama5.ecl.ntt.co.jp (8.13.6/8.13.6) with ESMTP id k42DvI1x008574; Tue, 2 May 2006 22:57:18 +0900 (JST)
Received: from mfs3.rdh.ecl.ntt.co.jp (mfs3.rdh.ecl.ntt.co.jp [129.60.39.112]) by vcs3.rdh.ecl.ntt.co.jp (8.13.6/8.13.6) with ESMTP id k42DvHYd016095; Tue, 2 May 2006 22:57:17 +0900 (JST)
Received: from nttmail3.ecl.ntt.co.jp ([129.60.39.100]) by mfs3.rdh.ecl.ntt.co.jp (8.13.6/8.13.6) with ESMTP id k42DvGwC008236; Tue, 2 May 2006 22:57:16 +0900 (JST)
Received: from eclscan3.m.ecl.ntt.co.jp (eclscan3.m.ecl.ntt.co.jp [129.60.5.69]) by nttmail3.ecl.ntt.co.jp (8.13.6/8.13.6) with ESMTP id k42DvGUh003686; Tue, 2 May 2006 22:57:16 +0900 (JST)
Received: from eclscan3.m.ecl.ntt.co.jp (localhost [127.0.0.1]) by eclscan3.m.ecl.ntt.co.jp (8.12.11/8.12.11) with ESMTP id k42DvF7K002757; Tue, 2 May 2006 22:57:15 +0900 (JST)
Received: from imf.m.ecl.ntt.co.jp (imf.m.ecl.ntt.co.jp [129.60.5.230]) by eclscan3.m.ecl.ntt.co.jp (8.12.11/8.12.11) with ESMTP id k42DvFAU002752; Tue, 2 May 2006 22:57:15 +0900 (JST)
Received: from TAKEDA_PANA.lab.ntt.co.jp ([129.60.80.92]) by imf.m.ecl.ntt.co.jp (8.13.4/8.13.4) with ESMTP id k42DvBON005042; Tue, 2 May 2006 22:57:11 +0900 (JST)
Message-Id: <5.1.1.9.2.20060502212256.0556e128@imf.m.ecl.ntt.co.jp>
X-Sender: tt043@imf.m.ecl.ntt.co.jp
X-Mailer: QUALCOMM Windows Eudora Version 5.1-Jr3
Date: Tue, 02 May 2006 22:57:20 +0900
To: Pekka Savola <pekkas@netcore.fi>, l1vpn@ietf.org
From: Tomonori TAKEDA <takeda.tomonori@lab.ntt.co.jp>
In-Reply-To: <Pine.LNX.4.64.0605021506001.21988@netcore.fi>
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352
Cc:
Subject: [L1vpn] Re: Comment on draft-ietf-l1vpn-framework-02
X-BeenThere: l1vpn@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Layer 1 Virtual Private Networks <l1vpn.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/l1vpn>, <mailto:l1vpn-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/l1vpn>
List-Post: <mailto:l1vpn@lists.ietf.org>
List-Help: <mailto:l1vpn-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/l1vpn>, <mailto:l1vpn-request@lists.ietf.org?subject=subscribe>
Errors-To: l1vpn-bounces@lists.ietf.org
Hi Pekka, Thanks for your comments. # Since you are not subscribed to the list, it was bounced back to chairs. As you may be aware (e.g., see RFC3945), GMPLS allows any type of control channel to be used as long as there is IP reachability. In L1VPN framework, there is some description about requirements for CE-PE control channels in security considerations section (section 12). If a control channel is physically separate per VPN (e.g., in-fiber in-band SONET/SDH overhead bytes), it is relatively secure. But if a control channel is physically shared by multiple VPNs (e.g., out-of-fiber ethernet cable connected to a hub), some security mechanisms may be needed depending on trust model. # NOTE: -03 version is now available, but text related to above is the same as -02 version. Hope this clarifies. Thanks, Tomonori At 15:10 06/05/02 +0300, Pekka Savola wrote: >Hi, > >(Not subscribed, hopefully this'll get through to the list.) > >I read draft-ietf-l1vpn-framework-02. I found it reasonably clear to >understand, and I think it's ready or almost ready for publication. > >One thing that kept intriguing me (this may be because I haven't studied >the GMPLS background material very much) is what exactly are the options >for CE-PE control plane connectivity at IP level (and as a generalization, >the whole control plane connectivity end-to-end). The doc specifically >assumes that such exists for some models, but doesn't describe how and the >requirements for such. This seems like an important point to me. > >-- >Pekka Savola "You each name yourselves king, yet the >Netcore Oy kingdom bleeds." >Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings _______________________________________________ L1vpn mailing list L1vpn@lists.ietf.org https://www1.ietf.org/mailman/listinfo/l1vpn
- [L1vpn] Comment on draft-ietf-l1vpn-framework-02 Pekka Savola
- [L1vpn] Re: Comment on draft-ietf-l1vpn-framework… Tomonori TAKEDA