Hi:
A new draft-bottorff-ipsecme-mtdcuc-ipsec-lb-00 has been posted in the ipsecme documents which describes a use case for IPsec load balancing. Name: draft-bottorff-ipsecme-mtdcuc-ipsec-lb Revision: 00 Title: Multi-tenant Data Center Use Case for IPsec Load Balancing Document date: 2021-07-05 Group: Individual Submission Pages: 11 Abstract: IPsec is of increasing importance within data centers to secure tunnels used to carry multi-tenant traffic encapsulated using the Network Virtualization over L3 (NVO3) protocols. Encrypting NVO3 tunnels provides defence against bad actors within the physical underlay network from monitoring or injecting overlay traffic from outside the NVO3 infrastructure. When securing data center tunnels using IPsec it becomes crucial to retain entropy within the outer IPsec packet headers to facilitate load balancing over the highly meshed networks used in these environments. While entropy is necessary to support load distribution algorithms it is also important that the entropy codes used retain integrity of flows to prevent performance deterioration resulting from packet re-ordering. Here, we describe a use case for load balancing IPsec traffic within multi-tenant data centers. Cheers, Paul
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
