A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions Working Group of the IETF.
Title : Protocol Support for High Availability of IKEv2/IPsec
Author(s) : R. Jenwar, et al.
Filename : draft-ietf-ipsecme-ipsecha-protocol-04.txt
Pages : 23
Date : 2011-03-02
The IPsec protocol suite is widely used for business-critical network
traffic. In order to make IPsec deployments highly available, more
scalable and failure-resistant, they are often implemented as IPsec
High Availability (HA) clusters. However there are many issues in
IPsec HA clustering, and in particular in IKEv2 clustering. An
earlier document, "IPsec Cluster Problem Statement", enumerates the
issues encountered in the IKEv2/IPsec HA cluster environment. This
document attempts to resolve these issues with the least possible
change to the protocol.
This document proposes an extension to the IKEv2 protocol to solve
the main issues of "IPsec Cluster Problem Statement" in the commonly
deployed hot-standby cluster, and provides implementation advice for
other issues. The main issues to be solved are the synchronization
of IKEv2 Message ID counters, and of IPsec Replay Counters.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-ipsecha-protocol-04.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-ipsecme-ipsecha-protocol-04.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
