IETF Logo Mail Archive

[Mip4] RE: Comments on VPN Problem Statement Draft

"Jayshree Bharatia" <jayshree@nortelnetworks.com> Wed, 06 August 2003 19:14 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA00957 for <mip4-archive@odin.ietf.org>; Wed, 6 Aug 2003 15:14:29 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19kTjW-00058S-8l for mip4-archive@odin.ietf.org; Wed, 06 Aug 2003 15:14:02 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h76JE22c019735 for mip4-archive@odin.ietf.org; Wed, 6 Aug 2003 15:14:02 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19kTjW-00058E-3S for mip4-web-archive@optimus.ietf.org; Wed, 06 Aug 2003 15:14:02 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA00892 for <mip4-web-archive@ietf.org>; Wed, 6 Aug 2003 15:13:59 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19kTjU-000621-00 for mip4-web-archive@ietf.org; Wed, 06 Aug 2003 15:14:00 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19kTjU-00061y-00 for mip4-web-archive@ietf.org; Wed, 06 Aug 2003 15:14:00 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19kTjU-00057u-F4; Wed, 06 Aug 2003 15:14:00 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19kTip-00057D-0g for mip4@optimus.ietf.org; Wed, 06 Aug 2003 15:13:19 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA00816 for <mip4@ietf.org>; Wed, 6 Aug 2003 15:13:15 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19kTin-00061E-00 for mip4@ietf.org; Wed, 06 Aug 2003 15:13:17 -0400
Received: from zrc2s0jx.nortelnetworks.com ([47.103.122.112]) by ietf-mx with esmtp (Exim 4.12) id 19kTim-000616-00 for mip4@ietf.org; Wed, 06 Aug 2003 15:13:16 -0400
Received: from zrc2c011.us.nortel.com (zrc2c011.us.nortel.com [47.103.120.51]) by zrc2s0jx.nortelnetworks.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id h76JCg716112; Wed, 6 Aug 2003 14:12:42 -0500 (CDT)
Received: by zrc2c011.us.nortel.com with Internet Mail Service (5.5.2653.19) id <301T0LR1>; Wed, 6 Aug 2003 14:12:40 -0500
Message-ID: <870397D7C140C84DB081B88396458DAF746AB9@zrc2c000.us.nortel.com>
From: Jayshree Bharatia <jayshree@nortelnetworks.com>
To: "'Adrangi, Farid'" <farid.adrangi@intel.com>
Cc: mip4@ietf.org
Date: Wed, 06 Aug 2003 14:12:36 -0500
X-Mailer: Internet Mail Service (5.5.2653.19)
Subject: [Mip4] RE: Comments on VPN Problem Statement Draft
Sender: mip4-admin@ietf.org
Errors-To: mip4-admin@ietf.org
X-BeenThere: mip4@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mip4>, <mailto:mip4-request@ietf.org?subject=unsubscribe>
List-Id: Mobility for IPv4 <mip4.ietf.org>
List-Post: <mailto:mip4@ietf.org>
List-Help: <mailto:mip4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mip4>, <mailto:mip4-request@ietf.org?subject=subscribe>

Hello Farid,

Please see my reply below.

Thanks,
Jayshree
-----Original Message-----
From: Adrangi, Farid [mailto:farid.adrangi@intel.com] 
Sent: Sunday, August 03, 2003 11:50 PM
To: Bharatia, Jayshree [RICH1:2H13:EXCH]
Cc: mip4@ietf.org
Subject: RE: Comments on VPN Problem Statement Draft


Hello Jayshree,
Thanks for following up on this.  You, Gopal, and I had a very brief
conversation on this during IETF-57 - but I am not sure if we derived any
conclusion on whether or not we should include this scenario.  To be frank,
I don't quite understand the point behind adding this scenario because,
-          It seems to present a solution to a specific deployment model
rather than a deployment scenario 
[JB] My understanding is different from yours so please elaborate what you
mean by deployment model vs deployment scenario in this particular context.

-          I don't quite see the advantages of  a combined VPN+FA if it does
not support FA traversal and it does not avoid IPsec renegotiation when MN
moves from one subnet to another - perhaps you can elaborate on this?
[JB] I think regardless this scenario has any advantages or not, it is one
of the probable scenario which has potential issues (as you have indicated
earlier). 

-          Furthermore, Scenarios in section 2 of the problem statement
draft represents combinations of MIPv4 HA and VPN gateway placement - adding
this scenario is going to change semantics of the section 2.
[JB] I am not sure what you mean by semantics change here. Do you think
documenting this in new subsection (2.6) is a problem?

I have no problem adding this scenario to the draft - I just wanted to make
sure that we clearly understand the reasons for adding this scenario to the
problem statement draft.  Design team members and interested individuals are
welcome to express their opinion on this.  

Best regards,
Farid



 
 
 The   following   sub-sections   introduce   five   representative
   combinations of MIPv4 HA and VPN gateway placement.

-----Original Message-----
From: Jayshree Bharatia [mailto:jayshree@nortelnetworks.com] 
Sent: Thursday, July 31, 2003 1:44 PM
To: Adrangi, Farid
Cc: 'mip4@ietf.org'
Subject: RE: Comments on VPN Problem Statement Draft

Hello Farid,

As per our earlier discussion during IETF-57, my understanding is that you
will include the scenario of co-existed FA with the VPN gateway in the VPN
Problem Statement draft.

I agree that this particular scenario has problems and it won't work if the
MN is behind an FA in the foreign subnet. But again, this is a problem
statement draft. Hence, I believe that this is the appropriate document for
mentioning this scenario.

Thanks,
Jayshree

-----Original Message-----
From: Adrangi, Farid [mailto:farid.adrangi@intel.com] 
Sent: Monday, April 07, 2003 2:58 PM
To: Bharatia, Jayshree [RICH1:2H13:EXCH]
Cc: 'mobile-ip@sunroof.eng.sun.com'
Subject: RE: Comments on VPN Problem Statement Draft
Hello Jayshree
This is a good point - I knew someone was to bring this up!  At the time of
writing these scenarios, we (the design team) actually discussed this and
concluded this scenario would fall into a solution space.  Maybe we did not
make the right decision and we should rethink this.  But, before we take
this discussion further please allow me to ask you a few questions about the
details of the scenario (VPN+FA) that you have in mind .  Are you thinking
to broadcast FA advertisements through the IPsec tunnel to the MN?  If so,
how will this work if MN is already behind an FA in the foreign subnet?  Or,
If you had something different in mind, perhaps you can elaborate on that.
Best regards,
Farid


-----Original Message-----
From: Jayshree Bharatia [mailto:jayshree@nortelnetworks.com],
Sent: Friday, April 04, 2003 3:14 PM
To: 'farid.adrangi@intel.com'
Cc: 'mobile-ip@sunroof.eng.sun.com'
Subject: Comments on VPN Problem Statement Draft

Hello Farid, 
This draft (draft-ietf-mobileip-vpn-problem-statement-req-01) currently
misses one scenario were the FA is co-existed with the VPN Gateway. I would
think that there are no technical issues supporting this scenario. It will
be good if you can add this scenario in the draft (perhaps as section 2.6?)
for completeness.
Thanks, 
Jayshree 

_______________________________________________
Mip4 mailing list
Mip4@ietf.org
https://www.ietf.org/mailman/listinfo/mip4

v2.23.0 | Report a Bug | By Email