|
We have submitted a new version of the draft, addressing a large
number of (mostly minor) comments from the IESG, as well as from
Pekka Riikonen on this list. The most significant changes are a new
architectural diagram and an improvement to the Examples appendix. Thanks, Yaron -------- Original Message --------
A new version of I-D, draft-ietf-ipsecme-ipsecha-protocol-06.txt has been successfully submitted by Yaron Sheffer and posted to the IETF repository.
Filename: draft-ietf-ipsecme-ipsecha-protocol
Revision: 06
Title: Protocol Support for High Availability of IKEv2/IPsec
Creation_date: 2011-05-06
WG ID: ipsecme
Number_of_pages: 26
Abstract:
The IPsec protocol suite is widely used for business-critical network
traffic. In order to make IPsec deployments highly available, more
scalable and failure-resistant, they are often implemented as IPsec
High Availability (HA) clusters. However there are many issues in
IPsec HA clustering, and in particular in IKEv2 clustering. An
earlier document, "IPsec Cluster Problem Statement", enumerates the
issues encountered in the IKEv2/IPsec HA cluster environment. This
document resolves these issues with the least possible change to the
protocol.
This document defines an extension to the IKEv2 protocol to solve the
main issues of "IPsec Cluster Problem Statement" in the commonly
deployed hot-standby cluster, and provides implementation advice for
other issues. The main issues solved are the synchronization of
IKEv2 Message ID counters, and of IPsec Replay Counters.
The IETF Secretariat.
|
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
