Support. Few comments:
i) Section "5. Security Considerations" discusses about ACL for NVE. IMO, we should also need to have Authentication/Authorization of adding ACLs to NVE to make it more secure. Though this will add little processing during addition of ACLs, But will not have any impact on the runtime traffic while accessing the ACLs for validation. As NVE, will be a single point of hack for potential attacks where one can access multiple VNs of multiple tenants. ii) Also, if we can accommodate per VN based ACLs which will be quite advantageous for Tenants. iii) We can also think of Inter - DC overlay network when we may not need any secure gateways for connectivity between NVEs and Intra - DC overlay networks where NVEs can be connected using Secure Gateways of underlying network. Regards, Balaji.P -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Benson Schliesser Sent: Friday, June 28, 2013 6:56 AM To: [email protected] Subject: [nvo3] Poll for WG Adoption of draft-kreeger-nvo3-overlay-cp-04 This email begins a two week poll to help the chairs judge if there is consensus to adopt draft-kreeger-nvo3-overlay-cp-04 as an NVO3 working group draft. Please respond to this email on the list with 'support' or 'do not support'. Please also send any comments on the draft to the NVO3 list. We are also polling for knowledge of any IPR that applies to this draft, to ensure that IPR has been disclosed in compliance with IETF IPR rules (see RFCs 3979, 4879, 3669 and 5378 for more details). If you are listed as a document author or contributor, please respond to this email whether or not you are aware of any relevant IPR. The draft will not be adopted until a response has been received from each author and contributor. If you are on the NVO3 WG email list but are not listed as an author or contributor, then please explicitly respond only if you are aware of any IPR that has not yet been disclosed in conformance with IETF rules. This poll closes on 11 July 2013. Cheers, -Benson & Matthew _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3 _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
