minutes from the nov-12-03 L3VPN meeting

Rick Wilder <rick@rhwilder.net> Mon, 17 November 2003 20:39 UTC

Date: Mon, 17 Nov 2003 12:38:41 -0800
From: Rick Wilder <rick@rhwilder.net>
Subject: minutes from the nov-12-03 L3VPN meeting
To: l3vpn@ietf.org

Below are the minutes from the meeting in Minneapolis last week. Many thanks to Sue Hares
for taking notes at the meeting.

The presentation slides will appear in the proceedings.

Rick, Ron, and Ross

----------------------------------------------------------------------------------------

L3VPN Working Group
Wed 11/12/03 9:00am - 10:00am

Agenda:
	Agenda Bashing			(5 minutes - chairs)
	Working Group Document Status	(15 minutes -- Ross Callon)
	Charter: Ongoing/Future Work	(15 minutes - Ron Bonica)
	MPLS over L2TP			(15 minutes - Mark Townsley)
	CE member authentication	(20 minutes)


1) Document status (Ross Callon) 

	L3 Framework <draft-ietf-l3vpn-framework-00.txt> 

		IESG has approved for publication

	L3 Service req'ts <draft-ietf-l3vpn-requirements-00.txt>

		IESG Review and/or update based on comments

	Generic req'ts <draft-ietf-ppvpn-generic-reqts-03.txt>

		IESG Review and/or update based on comments

	Security Framework

		Passed WG last call; 
		Being updated based on security directorate comments

	BGP/MPLS IP VPNs  and  AS 

		<draft-ietf-l3vpn-rfc2547bis-01.txt>,
		<draft-ietf-l3vpn-as2547-03.txt> 
		Passed l3vpn working group last call
		Is currently in IDR working group last call

	VR Architecture  and  AS

		<draft-ietf-l3vpn-vpn-vr-01.txt> & <draft-ietf-l3vpn-as-vr-00.txt>
		Base document is ready for WG last call
		AS update expected soon after IETF
		Both should go to WG last call as soon as AS is ready

	CE/IPSec Architecture  and  AS 

		<draft-ietf-l3vpn-ce-based-01.txt> & 
		<draft-declercq-l3vpn-ce-based-as-00.txt>

		Recent update to address mailing list comments:

			Clarify CE operation in two distinct routing spaces and 
				management spaces
			More description of tunnel establishment 
			More description of Internet connectivity
			Awaiting update to AS

			Security considerations and template

		WG Last call expected soon

	Guidelines of Applicability Statements for PPVPNs

		<draft-ietf-l3vpn-applicability-guidelines-00.txt>
			
		Long term disposition is still tbd

	MPLS/BGP MIB  <draft-ietf-ppvpn-mpls-vpn-mib-05.txt> 

		Needs update & MIB Doctor review
		WG last call should occur relatively soon thereafter


	Virtual Router MIB  <draft-ietf-ppvpn-vr-mib-05.txt>

		same status as MPLS/BGP MIB

	CE MIB 
		TBD (do we need a MIB? - question to be addressed on mail list)

	Req'ts for MPLS MIBs <draft-lai-mpls-mib-rqmts-00.txt>   
		
		L3vpn issues have been resolved. 

	Framework for PPVPN Op. & Man.  <draft-ietf-l3vpn-mgt-fwk-00.txt> 

		Accepted as working group document at last IETF
		Comments to l3vpn mailing list


	Textual Conventions <draft-ietf-ppvpn-tc-mib-02.txt>

		"Very Stable". 


	2547 for IPv6 <draft-ietf-ppvpn-bgp-ipv6-vpn-03.txt>

		Charter is being updated to include IPv6
		
	PE-PE IPsec for 2547 <draft-ietf-ppvpn-ipsec-2547-03.txt>
	PE-PE GRE or IP for 2547 <draft-ietf-ppvpn-gre-ip-2547-02.txt> 
	BGP as Auto-Discovery  <draft-ietf-ppvpn-bgpvpn-auto-05.txt>

		All of above are stable, no significant recent updates

	CE-to-CE Member Verif'n 
		<draft-ietf-ppvpn-l3vpn-auth-03.txt> and 
		<draft-ietf-Behringer-mpls-vpn-auth>
	
		Possibility to reconcile the two approaches in a 
		single document - see below.

	OSPF as PE/CE Protocol in BGP/MPLS VPNs
		<draft-ietf-l3vpn-ospf-2547-00.txt> 

		Currently in WG last call
		Last call extended to 11/21/2003 (5pm EST)
	
		Related document <draft-ietf-ospf-2547-dnbit-01.txt> 
		in last call in the OSPF working group


2)  Charter (Ron Bonica) 
	
	We have made progress and are nearing completion of many of our
	original tasks (eg, Framework and Requirements Documents completed,
	Security Frameworks passed WG last call, BGP/MPLS base spec and AS
	passed l3vpn last call and are in IDR last call, ...). It is 	
	therefore a good time to think about future work. 

	We propose updating the Charter for additional work items. We have
	proposed to the IESG an update which adds support for IPv6. As the
	current set of documents is completed, we will propose to also add
	charter support for Multicast.


3) MPLS over L2TPv3 with BGP L3VPNs (Mark Townsley) 

	(see presentation)

	Proposal:  Edit current contribution to include BGP signaling along
	with L2TP formats. Use this to create a new document which could
	become draft-ietf-l3vpn-l2tpv3-2547-00.txt (if accepted as a working
	group document). 
		
	Note that this would be in addition to existing documents:

			draft-ietf-l3vpn-ipsec-2547-03.txt
			draft-ietf-l3vpn-gre-ip2547-00

	Discussion:
		1) Yakov: There were some comments in opposition to this when 	
		it was presented in MPLS. Security is an issue
			a) Security review is needed (by security directorate)
			b) Solution presented was not specific to L2TP.
			c) justification needed for not using L2TP signaling
	
		2) Ross: Why do we need another encapsulation? We already have
		encapsulation over MPLS, GRE, and IPsec. Does this have an 
		advantage that these other encapsulations don't?
		
	   	(response) There are already 4 encapsulations
				MPLS over MPLS
				MPLS over IPsec
				MPLS over GRE
				MPLS over IP 
			
		(Eric Rosen) We already have many many different tunnel types
		in use in network. Service providers have preferences. We need
		a specification for each. 

		Agreement, we should include the reasons why the
		choices are being made.

	Mark: The intention is to update the document before it would be
	a working group document. 

   	Ross:  We can't accept a document as a working group document until 
	we have the document. Can you send an outline to the mailing list 
	with a description of what would be in the extended draft with the 
	articulation of the issues? 

	Mark: Yes, this makes sense.

	Agreement: Will be discussed on the list. 


3) Reconciling the L3VPN authentication Drafts
(also known as "Singing Kumbaya"), M. Behringer, M. Bonica
	
We currently have two drafts related to authentication (one a working 
group document, one an individual contribution):

		1) Draft-ietf-l3vpn-l3vpn-auth
			- provides the method through which the customers
			  can detect SP misconfiguration 
			- Does nothing to prevent misconfiguration
			- delegates authentication task to the CE
			- requires new functionality on the CE

		2) Draft Behringer-mpls-vpn-auth
			- reduces the probability of SP misconfiguration
			- Does not allow customer to detect misconfiguration if 
			  it does occur
			- delegates the authentication task to the PE
			- requires nothing new on the CE

		We have two drafts. Options are: merge, let them both live, kill one.
		We propose to merge the drafts. 
	
		Opportunity: 
			1) PE obtains the token from CE

			   original draft: BGP extended community received from CE
			   new protocol with CE
			   Hashed authentication key from CE-PE routing protocol
			
			2) PE distributes token throughout SP network

			3) PE 
				- Distribute to CE using BGP community or 
				  new protocol
				- User decides whether or not to authenticate

		Convergence:
			1) Converge on a common mechanism for distribution
				- Use a new BGP attribute

			2) Add a third mechanism for obtaining token to 
			draft-ietf-l3vpn-l3vpn-auth
				- Derive the token from the PE-CE MD5 key

			3) Add a third application for the key at the egress PE
				- Use it to decide whether to install the route


	Discussion:  (Ross Callon) Reasonable to update document. Comments on 
		      the list. 
		    (Ron Bonica)  We would appreciate comments from carriers and
					   service providers. 


4) Michael Behringer: <draft-behringer-mpls-security-04.txt>

He wants to know what the disposition will be of his document
"Analysis of the Security of BGP/MPLS IP VPNs". He requests
that people send comments on the draft to the mailing list. 

Ross: This makes sense. Please review the document to determine whether 
it should become a working group document with the intention of being 
published as Information. Send comments to the list. Requested that 
Michael send a message to the mail list requesting feedback on the 
Behringer security draft. Michael agrees.
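
Added example (not part of the minutes or of either draft): a Python sketch of the merged token scheme outlined under "Reconciling the L3VPN authentication Drafts", with a token derived from the PE-CE key, carried with each route, and checked both at the egress PE (prevention) and at the CE (detection). HMAC-SHA256, the function names, the keys and the prefixes are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass


def derive_token(pe_ce_key: bytes) -> str:
    # Assumption: HMAC-SHA256 with a fixed label; the minutes only say the
    # token is a hash derived from the PE-CE routing-protocol key.
    return hmac.new(pe_ce_key, b"vpn-member-token", hashlib.sha256).hexdigest()


@dataclass(frozen=True)
class VpnRoute:
    prefix: str
    token: str  # travels with the route (BGP community or new BGP attribute)


def ingress_advertise(prefix: str, pe_ce_key: bytes) -> VpnRoute:
    """Steps 1-2: the ingress PE obtains the token and attaches it to the route."""
    return VpnRoute(prefix, derive_token(pe_ce_key))


def egress_pe_filter(routes, expected_token):
    """Egress-PE application: install only routes whose token matches."""
    installed, rejected = [], []
    for r in routes:
        ok = hmac.compare_digest(r.token, expected_token)
        (installed if ok else rejected).append(r.prefix)
    return installed, rejected


def ce_detect(routes, expected_token):
    """CE application: report routes that arrived with a foreign token."""
    return [r.prefix for r in routes
            if not hmac.compare_digest(r.token, expected_token)]


# Constructed sample data: two customers, and a misconfigured VRF that
# imports one of customer B's routes into customer A's VPN.
KEY_A, KEY_B = b"constructed-key-vpn-a", b"constructed-key-vpn-b"
VRF_A = [ingress_advertise("10.1.0.0/16", KEY_A),
         ingress_advertise("10.9.0.0/16", KEY_B)]  # leaked route

if __name__ == "__main__":
    print("egress PE:", egress_pe_filter(VRF_A, derive_token(KEY_A)))
    print("CE alert :", ce_detect(VRF_A, derive_token(KEY_A)))
```

With only the egress-PE check the customer never sees the leaked route; with only the CE check the route is delivered but flagged, which is the trade-off between the two drafts listed in the minutes.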