I-D Action: draft-mglt-ipsecme-clone-ike-sa-01.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : Clone IKE SA Extension
        Authors         : Daniel Migault
                          Valery Smyslov
	Filename        : draft-mglt-ipsecme-clone-ike-sa-01.txt
	Pages           : 16
	Date            : 2014-03-13

Abstract:
   This document considers a VPN End User setting a VPN with a security
   gateway where at least one of the peer has multiple interfaces.

   With the current IKEv2, the outer IP addresses of the VPN are
   determined by those used by IKEv2 channel.  As a result using
   multiple interfaces requires to set an IKEv2 channel on each
   interface, or on each paths if both the VPN Client and the security
   gateway have multiple interfaces.  Setting multiple IKEv2 channel
   involves multiple authentications which may each require multiple
   round trips and delay the VPN establishment.  In addition multiple
   authentications unnecessarily increase load to the VPN client and the
   authentication infrastructure.

   This document presents the Clone IKE SA extension, where an
   additional IKEv2 channel is derived from an already authenticated
   IKEv2 channel.  The newly created IKEv2 channel is set without the
   IKEv2 authentication exchange.  The newly created IKEv2 channel can
   then be assigned to another interface using MOBIKE.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-mglt-ipsecme-clone-ike-sa/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-mglt-ipsecme-clone-ike-sa-01

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-mglt-ipsecme-clone-ike-sa-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux