RE: [Mip4] review of draft-devarapalli-mip4-mobike-connectivity-00.txt
"Kent Leung \(kleung\)" <kleung@cisco.com> Tue, 30 August 2005 18:40 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EAB2E-0000OX-S5; Tue, 30 Aug 2005 14:40:38 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EAB2C-0000OP-Rv for mip4@megatron.ietf.org; Tue, 30 Aug 2005 14:40:36 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA29816 for <mip4@ietf.org>; Tue, 30 Aug 2005 14:40:35 -0400 (EDT)
Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EAB3n-0001OO-ID for mip4@ietf.org; Tue, 30 Aug 2005 14:42:16 -0400
Received: from sj-core-2.cisco.com ([171.71.177.254]) by sj-iport-3.cisco.com with ESMTP; 30 Aug 2005 11:40:25 -0700
X-IronPort-AV: i="3.96,154,1122879600"; d="scan'208"; a="337206208:sNHT33837836"
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j7UIeFQQ027820; Tue, 30 Aug 2005 11:40:20 -0700 (PDT)
Received: from xmb-sjc-235.amer.cisco.com ([128.107.191.85]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 30 Aug 2005 11:40:21 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [Mip4] review of draft-devarapalli-mip4-mobike-connectivity-00.txt
Date: Tue, 30 Aug 2005 11:40:20 -0700
Message-ID: <2979E38DD6FC6544B789C8DAD7BAFC52923F11@xmb-sjc-235.amer.cisco.com>
Thread-Topic: [Mip4] review of draft-devarapalli-mip4-mobike-connectivity-00.txt
Thread-Index: AcWr0cxTCNIjdYI1TGmUazSE/du3WQBvg3dw
From: "Kent Leung (kleung)" <kleung@cisco.com>
To: sami.vaarala@iki.fi, Jari Arkko <jari.arkko@piuha.net>
X-OriginalArrivalTime: 30 Aug 2005 18:40:21.0658 (UTC) FILETIME=[46EB3FA0:01C5AD92]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 68ba2b07ef271dba6ee42a93832cfa4c
Content-Transfer-Encoding: quoted-printable
Cc: mip4@ietf.org
X-BeenThere: mip4@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Mobility for IPv4 <mip4.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mip4>, <mailto:mip4-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mip4@ietf.org>
List-Help: <mailto:mip4-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mip4>, <mailto:mip4-request@ietf.org?subject=subscribe>
Sender: mip4-bounces@ietf.org
Errors-To: mip4-bounces@ietf.org
I agree with Sami. 1) x-MIP solution should go forth as it directly addressed the problem statement, RFC 4093. 2) Now, there is the effort to provide a solution that can avoid the extra tunnel overhead on the airlink and layering on the MN for data traffic. For #2, assuming this is the new requirement/problem statement to support VPN traversal, one possible solution is MOBIKE while another is x-MIP with optimization. MOBIKE requires changes to VPN GW and can't work with FAs. X-MIP w/optimization don't have these restrictions. It's worth defining the requirements of the long-term solution. Kent > -----Original Message----- > From: mip4-bounces@ietf.org [mailto:mip4-bounces@ietf.org] On > Behalf Of Sami Vaarala > Sent: Sunday, August 28, 2005 7:30 AM > To: Jari Arkko > Cc: mip4@ietf.org > Subject: Re: [Mip4] review of > draft-devarapalli-mip4-mobike-connectivity-00.txt > > Hi, > > >> The problem I see w.r.t. to using IKEv2/MOBIKE is that it > does not, > >> alone, match the current problem statement. The > assumption made in > >> draft-ietf-mip4-vpn-problem-statement-03.txt is that existing > >> deployed VPN infrastructure should be used (see e.g. > >> Section 5.1). > >> > >> > > Yes. I still view that as the main and most urgent use case, so the > > problem statement is OK. However, I believe we are also at > a situation > > where we can see future deployments (particularly those based on > > IKEv2) start to do new things. I don't see a problem with > pursuing two > > tracks simultaneously. Its not like they would be two redundant > > solutions, its more like points in different stages of evolution. > > Right, I agree. And I agree we can pursue two tracks at the > same time. However, given that these two tracks have so much > in common, it doesn't seem useful to specify them in two > seemginly separate specifications. Given the way the > solutions are specified, x-MIP + IKEv1 vs. MOBIKE + IKEv2 are > just two different access modes. > The overall approach, the intranet detection, etc, are all same. > > But stepping back a little, if we relax either the "existing VPN" > or "minimal MIPv4 changes" assumptions, we get a number of > different solutions. For instance: > > - A *very* straightforward way of getting mobility without x-MIP > (and just IKEv1+IPsec) is just to use the "implicit ESP update" > mechanism already deployed by some vendors. I believe a similar > mechanism is used in the MIPv6 + IPsec draft. This is rather > simple to implement and does away with the x-MIP overhead > completely. > > - We could specify IKEv1 mobility extensions to allow more or less > the same effect albeit with more vendor effort. Vijay's draft's > Appendix has a suggestion for this. > > - Looking at x-MIP, we can also eliminate x-MIP overhead > completely > by defining an optimization extension between the MN > and the x-HA. > This approach retains FA support, while eliminating all x-MIP > overhead in non-FA scenarios. The rough approach was > described in > draft-vaarala-mip4-optudp-00 [*]. > > - A very important concern in practice is managing the keys and > authentication in a dual MIP or MOBIKE+MIP solution. Should we > define something to make this easier? > > At least to me it's not at all clear which avenue would > produce the best possible solution - minimal changes, maximum > impact, and maximum generality (especially). So going past > absolute minimum changes (dual > MIP) needs more thought on what criteria we should apply to solutions. > > >> If we decide that there is no deployment issue w.r.t. MIPv4 and > >> already deployed VPNs, we should IMO take a larger view of > improving > >> MIPv4/VPN coexistence. Minimizing overlap between the two > mechanisms > >> would give a much better solution. For instance, there is > room for > >> improvement in MIPv4 packet overhead, MIPv4/VPN compression > >> interactions, and integrated MIPv4/VPN packet authentication. > >> > > I believe we will eventually get there. Probably step by step, > > however. I view Vijay's draft one of those steps... eliminating one > > unnecessary level in the stack. > > Or are you arguing that we should spend more time thinking > what to do, > > if we discard the no-changes-at-all assumption? > > I think we should work on defining what the longer term goal is w.r.t. > IPsec and MIPv4 integration. I don't think it's clear people > agree what that goal should be. And proposing, discussing, > and comparing solutions beyond dual MIP is difficult at the > moment, because we have nothing to compare them against. > > As far as dual MIP is concerned, going forward with it would > be useful as a baseline and as documenting existing practice > (as far as I know, some people are deploying it, although I'm > not sure at what scale). > But if we agree on working on a better long-term solution, > that would of course be preferable to working on a limited > dual MIP solution. > > Best, > > -Sami > > [*] > http://users.tkk.fi/~svaarala/publications/draft-vaarala-mip4- > optudp-00.txt > > > -- > Mip4 mailing list: Mip4@ietf.org > Web interface: https://www1.ietf.org/mailman/listinfo/mip4 > Charter page: http://www.ietf.org/html.charters/mip4-charter.html > Supplemental site: http://www.mip4.org/ > -- Mip4 mailing list: Mip4@ietf.org Web interface: https://www1.ietf.org/mailman/listinfo/mip4 Charter page: http://www.ietf.org/html.charters/mip4-charter.html Supplemental site: http://www.mip4.org/
- [Mip4] review of draft-devarapalli-mip4-mobike-co… Jari Arkko
- Re: [Mip4] review of draft-devarapalli-mip4-mobik… Sami Vaarala
- [Mip4] Re: review of draft-devarapalli-mip4-mobik… Vijay Devarapalli
- Re: [Mip4] review of draft-devarapalli-mip4-mobik… Jari Arkko
- Re: [Mip4] review of draft-devarapalli-mip4-mobik… Sami Vaarala
- RE: [Mip4] review of draft-devarapalli-mip4-mobik… Kent Leung (kleung)
- Re: [Mip4] review of draft-devarapalli-mip4-mobik… Vijay Devarapalli
- RE: [Mip4] review of draft-devarapalli-mip4-mobik… Kent Leung (kleung)