Re: [IPsec] P2P VPN draft UNCLASSIFIED

Mon, 19 Mar 2012 11:12:14 -0700 

I agree that the meshing becomes messy. And thus, Yoav's comment on partial 
mesh and such is valid.

Since the topology is, in my view, based on the use cases and the problem 
statement as I have understood them, a somewhat nebulous thing, I would offer 
up a very simple term for the goal:

     ad hoc VPN

As that would thus mean a VPN that is "formed, arranged, or done for a 
particular purpose only".

I will endeavor to have more commentary on the draft later this evening.

--
Mark Boltz, CISSP, CISA, NSA-IEM, CSGI
Director, Federal and Mid-Atlantic
e: mark.bo...@stonesoft.com<mailto:mark.bo...@stonesoft.com>   e: 
fede...@stonesoft.com<mailto:fede...@stonesoft.com>
p: 866.869.4075               c: 571.246.2233
o: 202.434.8963               f: 703.997.4759
w: http://www.stonesoft.com<http://www.stonesoft.com/>

1200 G St. NW, Suite 800
Washington, DC 20005-6705

Stonesoft: Network Security. Simplified.

On Mar 19, 2012, at 10:36 AM, Michael Richardson wrote:


"Yoav" == Yoav Nir <y...@checkpoint.com<mailto:y...@checkpoint.com>> writes:
   Yoav> As Tero pointed out, some of the use cases don't end up in a
   Yoav> full mesh, because sometimes administrators really want a
   Yoav> trunk, so the end result could be a mesh among nodes in the
   Yoav> same organization, and a trunk to another. Maybe even a
   Yoav> partial mesh (with "secondary nodes" behind particularly bad
   Yoav> NAT devices connecting to one of many "primary nodes")

I agree.

   Yoav> So perhaps the name should not include the word "mesh". How
   Yoav> about "dynamic discovery VPN" (DD-VPN)?

I offer:
 On-Demand Dynamic VPN  = ODD-VPN.

--
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] m...@sandelman.ottawa.on.ca<mailto:m...@sandelman.ottawa.on.ca> 
http://www.sandelman.ottawa.on.ca/ |device driver[
  Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
              then sign the petition.
_______________________________________________
IPsec mailing list
IPsec@ietf.org<mailto:IPsec@ietf.org>
https://www.ietf.org/mailman/listinfo/ipsec


_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to