Dear all: After receiving an extensive review from Paul Wouters, and comments from Linda and Yoav, we have prepared a new version of draft-ietf-i2nsf-sdn-ipsec-flow-protection.
In order to accomplish the comments and improve the readability of YANG models, we have defined three parts: ietf-ipsec-common (Appendix A), ietf-ipsec-ike (Appendix B, IKE case), ietf-ipsec-ikeless (Appendix C, IKE-less case). The model ietf-ipsec-common has only typedef and groupings common to the other modules. This is also coherent with the fact that a NSF implementing IKE case should not be worried about implementing anything about IKE-less case and viceversa. We would like to have a 10-15 minute slot to explain this new version. We will participate remotely. Best Regards. > Inicio del mensaje reenviado: > > De: [email protected] > Asunto: New Version Notification for > draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt > Fecha: 11 de marzo de 2019, 20:54:28 CET > Para: "Fernando Pereniguez-Garcia" <[email protected]>, "Rafa > Marin-Lopez" <[email protected]>, "Rafael Lopez" <[email protected]>, "Gabriel > Lopez-Millan" <[email protected]> > > > A new version of I-D, draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt > has been successfully submitted by Rafa Marin-Lopez and posted to the > IETF repository. > > Name: draft-ietf-i2nsf-sdn-ipsec-flow-protection > Revision: 04 > Title: Software-Defined Networking (SDN)-based IPsec Flow > Protection > Document date: 2019-03-11 > Group: i2nsf > Pages: 49 > URL: > https://www.ietf.org/internet-drafts/draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt > Status: > https://datatracker.ietf.org/doc/draft-ietf-i2nsf-sdn-ipsec-flow-protection/ > Htmlized: > https://tools.ietf.org/html/draft-ietf-i2nsf-sdn-ipsec-flow-protection-04 > Htmlized: > https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-sdn-ipsec-flow-protection > Diff: > https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-sdn-ipsec-flow-protection-04 > > Abstract: > This document describes how providing IPsec-based flow protection by > means of a Software-Defined Network (SDN) controller (aka. Security > Controller) and establishes the requirements to support this service. > It considers two main well-known scenarios in IPsec: (i) gateway-to- > gateway and (ii) host-to-host. The SDN-based service described in > this document allows the distribution and monitoring of IPsec > information from a Security Controller to one or several flow-based > Network Security Function (NSF). The NSFs implement IPsec to protect > data traffic between network resources with IPsec. > > The document focuses in the NSF Facing Interface by providing models > for Configuration and State data model required to allow the Security > Controller to configure the IPsec databases (SPD, SAD, PAD) and IKEv2 > to establish security associations with a reduced intervention of the > network administrator. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > ------------------------------------------------------- Rafa Marin-Lopez, PhD Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34868888501 Fax: +34868884151 e-mail: [email protected] -------------------------------------------------------
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
