
RE: Proposed BOF charter and agenda

Here is the revised text, with the clarification on the
stateful/stateless modes of failover. Hope this helps. 



IPsec gateways maintaining SAs with a large number of remote access
clients may take unacceptably long times to recover from gateway or
network failures when all the clients were to use a full IKEv2 exchange
to re-establish the SAs.

This is especially true if EAP is used for client authentication in
IKEv2. This concern particularly applies to application servers such as
Mobile IP Home Agents that use IPsec. The SA re-establishment may be
with the same gateway (server) from which the client gets disconnected
or another gateway that is within the same secure domain as the original

For the scope of this work, it is not assumed that the gateways in the
secure domain share the same IP address or the same view of the network
(connected to different DHCP servers etc.). Hence, failovers are not
transparent to the client. The client may need to acquire a new IP
address upon recovery.  It is assumed that in this case, the original
IKEv2 exchange used the Configuration Payload to acquire configuration

The scope of this work involves the specification of stateless and
stateful modes of recovery - in the stateless mode, the state is
maintained on the client and no state is maintained in the
infrastructure except on the serving gateway; in the stateful mode, the
state is maintained in the infrastructure, either on a backup gateway or
in a state store. 

The purpose of this working group is to define necessary payloads to

1) Negotiation of failover recovery capability
2) Server to client state transfer for stateless recovery
3) Client-gateway IKEv2 session resumption
4) IKEv2/IPsec state and corresponding format needed for recovery

Support for capabilities beyond those listed above is out of scope: 
more precisely, specification of a gateway to gateway state transport
protocol, protocol or payload extensions or modifications to support
load balancing between gateways is out of scope.


> -----Original Message-----
> From: owner-ietf-ipsec-failover@xxxxxxxxxxxxx 
> [mailto:owner-ietf-ipsec-failover@xxxxxxxxxxxxx] On Behalf Of 
> Stephen Kent
> Sent: Monday, February 05, 2007 2:00 PM
> To: Narayanan, Vidya
> Cc: Paul Hoffman; ietf-ipsec-failover@xxxxxxxx
> Subject: RE: Proposed BOF charter and agenda
> At 12:25 PM -0800 2/5/07, Narayanan, Vidya wrote:
> >
> >...
> >  >
> >
> >#2 is referring to the case where the initial gateway is providing the
> >state to the client that can be presented by the client to a new
> >gateway upon failover. "Stateless" there refers to the backend
> >operation - when the state is stored in the client, the infrastructure
> >can remain stateless for the purpose of failover (i.e., no state needed
> >on backup gateways). Re-reading the charter text, it looks like we have
> >no explanation of what we mean by stateful or stateless in that text.
> >Perhaps, we should clarify that to avoid confusion.
> >
> >Would that address your concern?
> >
> >Vidya
> Absolutely!  The choice of words in the description for #2 
> gave me the exact opposite impression.  I'm glad that what I
> read was not what was intended.
> Steve