Linda, I got it. :) That is good to me. Thanks.
Best Regards, Paul On Thu, Apr 18, 2019 at 12:08 AM Linda Dunbar <[email protected]> wrote: > Paul, > > > > Yes, we are going to have the phased approach to finish WGLC for all the > data models drafts before IETF105. > > > > Linda > > > > *From:* Mr. Jaehoon Paul Jeong [mailto:[email protected]] > *Sent:* Wednesday, April 17, 2019 10:05 AM > *To:* Linda Dunbar <[email protected]> > *Cc:* Gabriel Lopez <[email protected]>; Yoav Nir <[email protected]>; > [email protected]; Chris Shen <[email protected]>; > [email protected]; Jingyong (Tim) Kim < > [email protected]> > *Subject:* Re: [I2nsf] Request for WGLC on I2NSF YANG Data Models > > > > Hi Linda, > > No problem. > > These WGLC on these two drafts are great! > > > > Are you going to do WGLC on other interface data model drafts, such as > > Consumer-Facing Interface, NSF-Facing Interface, and Registration > Interface together > > or after WGLC completion of the Capability data model draft? > > > > Thanks. > > > > Best Regards, > > Paul > > > > > > On Wed, Apr 17, 2019 at 11:56 PM Linda Dunbar <[email protected]> > wrote: > > Paul, et al, > > > > We will start the WGLC after closing the i2nsf-capability WGLC and > i2nsf-sdn-ipsec-flow-protection. > > Should start the WGLC by May 8. > > > > Thanks for being patient. > > > > Linda & Yoav. > > > > > > *From:* Mr. Jaehoon Paul Jeong [mailto:[email protected]] > *Sent:* Thursday, April 04, 2019 5:41 AM > *To:* Gabriel Lopez <[email protected]> > *Cc:* Linda Dunbar <[email protected]>; Yoav Nir < > [email protected]>; [email protected]; Chris Shen <[email protected]>; > [email protected]; Jingyong (Tim) Kim < > [email protected]>; Mr. Jaehoon Paul Jeong <[email protected]> > *Subject:* Re: [I2nsf] Request for WGLC on I2NSF YANG Data Models > > > > Hi Gabriel, > > I have submitted a revision of the Consumer-Facing Interface Data Model > draft supporting > > your IPsec method for IKE and IKEless cases: > > > https://tools.ietf.org/html/draft-ietf-i2nsf-consumer-facing-interface-dm-04 > > > > > Thanks. > > > > Best Regards, > > Paul > > > > On Mon, Apr 1, 2019 at 10:30 PM Mr. Jaehoon Paul Jeong < > [email protected]> wrote: > > Hi Gabriel, > > I will answer your questions inline below. > > > > On Mon, Apr 1, 2019 at 7:18 PM Gabriel Lopez <[email protected]> wrote: > > Hi Paul. > > > > Just a few comments about the drafts: > > > > El 28 mar 2019, a las 8:39, Mr. Jaehoon Paul Jeong <[email protected]> > escribió: > > > > Hi Linda and Yoav, > > As we discussed this I2NSF WG meeting, my SKKU team reflected the data > convergence > > including I2NSF IPsec (such as ipsec-ike case and ipsec-ikeless case) on > the three data model drafts, and then > > uploaded them into the IETF repository this morning: > > - NSF Capability Data Model > > - NSF-Facing Interface Data Model > > - Registration Interface Data Model > > > > The update of each draft is described in Changes section per draft. > > > > There is no change in Consumer-Facing Interface Data Model draft. > > > > Could you start WGLC for the following four data model drafts? > > - NSF Capability Data Model > > https://tools.ietf.org/html/draft-ietf-i2nsf-capability-data-model-04 > > > > > > This draft specifies whether IKE/ IKE-less cases are supported by the NSF > or not, in the same way that it specifies if the NSF supports IPS or not. > But the details about capabilities for ipsec or IDS are moved now to > another draft (dong-i2nsf-asf-config). Is it right? > > > > => Yes. For the detailed configuration of ipsec, we will be able to use > your data model by > > letting it be referenced by our NSF-facing interface YANG module. > > We will let you know how to modify your YANG module this week so > that it can be used by our NSF-facing interface data model. > > > > > > > > - NSF-Facing Interface Data Model > > https://tools.ietf.org/html/draft-ietf-i2nsf-nsf-facing-interface-dm-05 > > > > How does it align with the security-policy-translation draft? > > => The security policy translator translates a high-level security policy > XML file (based on Consumer-facing interface data model) > > into a low-level security policy XML file (based on NSF-facing > interface data model). > > In the security-policy-translation draft, > > there is exemplary XML code as follows: > > - High-level security policy XML Code > > > https://tools.ietf.org/html/draft-yang-i2nsf-security-policy-translation-03#page-7 > > > > - Low-level security policy XML Code > > > https://tools.ietf.org/html/draft-yang-i2nsf-security-policy-translation-03#page-18 > > > > > > - Registration Interface Data Model > > > https://tools.ietf.org/html/draft-ietf-i2nsf-registration-interface-dm-03 > > > > > > > > > > - Consumer-Facing Interface Data Model > > > https://tools.ietf.org/html/draft-ietf-i2nsf-consumer-facing-interface-dm-03 > > > > > > Import of the ipsec draft should not be included here. Both drafts (ipsec > and this one) should stay both like nsf facing interface models, but not > one integrated into the other. > > > > => This statement is not clear to me. Could you clarify this more > clearly if you have a better way? > > > > For Registration interface data model, we use ipsec-method (either > IKE or IKEless) that is defined in I2NSF Capability data model draft: > > > https://tools.ietf.org/html/draft-ietf-i2nsf-capability-data-model-04#page-7 > > > > To use this ipsec-method in Registration interface data model, we > import I2NSF Capability data model as follows: > > > > ############################################################ > > 6.1.3. NSF Capability Information - p. 11 > > > https://tools.ietf.org/html/draft-ietf-i2nsf-registration-interface-dm-03#page-11 > > > > > > ---------------------------------------------------------------------------------------------------- > > 6.2. YANG Data Modules - p. 12 > > > https://tools.ietf.org/html/draft-ietf-i2nsf-registration-interface-dm-03#page-12 > > > > > import ietf-i2nsf-capability{ > > prefix capa; > > reference "draft-ietf-i2nsf-capability-data-model-04"; > > } > > > > > ---------------------------------------------------------------------------------------------------- > > grouping i2nsf-nsf-capability-info - p. 15-16 > > > https://tools.ietf.org/html/draft-ietf-i2nsf-registration-interface-dm-03#page-16 > > > > > group i2nsf-nsf-capability-info { > > description > > "Detail information of an NSF"; > > container i2nsf-capability { > > description > > "ietf i2nsf capability information"; > > uses "capa:nsf-capabilities"; > > reference "draft-ietf-i2nsf-capability-data-model-04"; > > } > > container nsf-performance-capability { > > description > > "performance capability"; > > uses i2nsf-nsf-performance-capability; > > } > > } > > > > > ---------------------------------------------------------------------------------------------------- > > Configuration Example 1~6: p. 19 > > > https://tools.ietf.org/html/draft-ietf-i2nsf-registration-interface-dm-03#page-19 > > > > > <ipsec-method>ikeless</ipsec-method> > > ############################################################ > > > > For the configuration of IPsec (e.g., SPD and PAD parameters) for an > NSF, could you make a YANG code > > for such configuration for Registration interface YANG code and XML > code like our example in > > Registration interface data model draft? > > We will be able to include your YANG code to accommodate IPsec > configuration in the revision of our Registration interface data model > draft. > > > > If you have a better way to configure your IPsec configuration into > Security Controller, please let me know. > > > > => For Consumer-facing interface data model, we will include ipsec-method > (either IKE or IKEless) in > > the revision of Consumer-facing interface data model draft. > > This configuration will let NSFs for a high-level security policy > make an IPsec tunnel between each pair of NSFs > > along the SFC path (e.g., Firewall -> DPI -> DDoS Attack Mitigator).. > > > > I think your students can work with my students at SKKU for the test > of this integration and test. > > My Ph.D student, Jinyong (Tim) Kim, is in charge of the > implementation and test. > > > > If you have questions, please let me know. > > > > Thanks. > > > > Best Regards, > > Paul > > > > Best regards, Gabi. > > > > > > I hope we can publish them before the IETF-105 Montreal meeting. :-) > > > > Thanks. > > > > Best Regards, > > Paul > > -- > > =========================== > Mr. Jaehoon (Paul) Jeong, Ph.D. > Associate Professor > Department of Software > Sungkyunkwan University > Office: +82-31-299-4957 > Email: [email protected], [email protected] > Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php > <http://cpslab.skku.edu/people-jaehoon-jeong.php> > > _______________________________________________ > I2nsf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i2nsf > > > > ----------------------------------------------------------- > Gabriel López Millán > Departamento de Ingeniería de la Información y las Comunicaciones > University of Murcia > Spain > Tel: +34 868888504 > Fax: +34 868884151 > email: [email protected] <[email protected]> > > > > > > > > > > > -- > > =========================== > Mr. Jaehoon (Paul) Jeong, Ph.D. > Associate Professor > Department of Software > Sungkyunkwan University > Office: +82-31-299-4957 > Email: [email protected], [email protected] > Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php > <http://cpslab.skku.edu/people-jaehoon-jeong.php> > > > > > -- > > =========================== > Mr. Jaehoon (Paul) Jeong, Ph.D. > Associate Professor > Department of Software > Sungkyunkwan University > Office: +82-31-299-4957 > Email: [email protected], [email protected] > Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php > <http://cpslab.skku.edu/people-jaehoon-jeong.php> > > > > > -- > > =========================== > Mr. Jaehoon (Paul) Jeong, Ph.D. > Associate Professor > Department of Software > Sungkyunkwan University > Office: +82-31-299-4957 > Email: [email protected], [email protected] > Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php > <http://cpslab.skku.edu/people-jaehoon-jeong.php> > -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Associate Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957 Email: [email protected], [email protected] Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php <http://cpslab.skku.edu/people-jaehoon-jeong.php>
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
