Dear Paul, all: > El 20 jul 2022, a las 17:38, Mr. Jaehoon Paul Jeong <[email protected]> > escribió: > > Hi Sue, > I have much interest in your proposed item.
Yes, we do as well. > I think the following RFC 9061 can be used for the IPsec interface for BGP > over IPsec. > > - RFC 9061: A YANG Data Model for IPsec Flow Protection Based on > Software-Defined Networking (SDN) > https://datatracker.ietf.org/doc/html/rfc9061 > <https://datatracker.ietf.org/doc/html/rfc9061> Yes, we agree with this view. > > We can regard BGP routers as NSFs, and we can run either IKE or IKE-less > approach in RFC 9061. Correct. > We can also extend the approach in RFC 9061 so that it can accommodate BGP > message exchanges > (e.g., AS-PATH and NEXT-HOP attributes). > > I will investigate RFC 9061 more to see whether my comments are correct or > not. Paul, Sue, with a clear list of requirements and needs (i.e. what information needs to be configured), we may give precise information about how RFC 9061 can help on this and to discover whether this extension is needed or not. And , in case it is needed, how to carry out this modification. Best Regards. > > Thanks. > > Best Regards, > Paul > > On Wed, Jul 20, 2022 at 8:55 PM Susan Hares <[email protected] > <mailto:[email protected]>> wrote: > Linda: > > > > I apologize for being unclear. We ran into a few problems with trying to > complete the BGP Yang model in the area of IPsec links. BGP runs over TCP > over IPsec links in some scenarios. When creating the modeling, it was > unclear which Yang modules were targeted to support this feature. > > > > What I need is advice from the I2NSF and the IPSECME on the place to ask for > work additions to support BGP peers. > > > > The scenario is between two BGP routers. The type of IPsec connections > between BGP routers can be: > > within a trusted cloud (same administrative domain, same trust cloud), > across a physically secure private link, > across the open Internet (where attacks happen). > > > The key is we want to configure and monitor the IPsec link. > > > > As BGP co-authors looked at this, I did not understand which group to ask > help from. I volunteered to ask for help. > > > > If you or anyone can point me to where to go without taking valuable WG time, > it would be great. If you need me to explain more on email, I’d be glad to. > > > > Rather than just pose this question from the Mike-line, I thought I’d ask > ahead of time. > > > > Cheers, sue > > > > From: Linda Dunbar <[email protected] > <mailto:[email protected]>> > Sent: Tuesday, July 19, 2022 6:09 PM > To: Susan Hares <[email protected] <mailto:[email protected]>>; [email protected] > <mailto:[email protected]> > Subject: RE: IETF 114 I2NSF agenda uploaded > > > > > > > Sue, > > > > Are you talking about IPsec between two trusted nodes? > > Something different from the IPsecme WG? > > > > Linda > > > > From: Susan Hares <[email protected] <mailto:[email protected]>> > Sent: Tuesday, July 19, 2022 3:00 PM > To: Linda Dunbar <[email protected] > <mailto:[email protected]>>; [email protected] <mailto:[email protected]> > Subject: RE: IETF 114 I2NSF agenda uploaded > > > > Linda: > > > > In the recharter discussion, is it appropriate to ask about specific items > such as additions to ipsec work in I2NSF? > > I do not have a draft for this work. > > > > Sue > > > > From: I2nsf <[email protected] <mailto:[email protected]>> On > Behalf Of Linda Dunbar > Sent: Tuesday, July 19, 2022 3:44 PM > To: [email protected] <mailto:[email protected]> > Subject: [I2nsf] IETF 114 I2NSF agenda uploaded > > > > > > I2NSF WG, > > > > Here is the agenda for next week’s I2NSF session (Tuesday). > > > > https://datatracker.ietf.org/doc/agenda-114-i2nsf/ > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fagenda-114-i2nsf%2F&data=05%7C01%7Clinda.dunbar%40futurewei.com%7C8b5d4da98b89456a579d08da69c1548c%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C1%7C637938576342441642%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=N040a56pN%2BLVElz5IOt4jddwoHRH1pKTpTkAPMhd%2BD4%3D&reserved=0> > > > Please let me know if I miss anything. > > > > Thank you. > > Linda > > _______________________________________________ > I2nsf mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/i2nsf > <https://www.ietf.org/mailman/listinfo/i2nsf> > _______________________________________________ > I2nsf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i2nsf ------------------------------------------------------ Rafa Marin-Lopez, PhD Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34868888501 Fax: +34868884151 e-mail: [email protected] -------------------------------------------------------
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
