IPsec Cluster Problem Statement
RFC 6027
Approval announcement
Draft of message to be sent after approval:
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
RFC Editor <rfc-editor@rfc-editor.org>,
ipsecme mailing list <ipsec@ietf.org>,
ipsecme chair <ipsecme-chairs@tools.ietf.org>
Subject: Document Action: 'IPsec Cluster Problem Statement' to Informational RFC
The IESG has approved the following document:
- 'IPsec Cluster Problem Statement '
<draft-ietf-ipsecme-ipsec-ha-09.txt> as an Informational RFC
This document is the product of the IP Security Maintenance and Extensions Working Group.
The IESG contact persons are Sean Turner and Tim Polk.
A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-ipsec-ha-09.txt
Technical Summary
This document describes the problems associated with clustering
of IKE/IPsec VPN endpoints using the existing set of standards.
It is claimed that the amount and volatility of IKE/IPsec state
result in numerous challenges for such clustering. The document
defines terminology for high availability and load sharing
clusters implementing IKE and IPsec, and describes gaps in the
existing standards.
Working Group Summary
There was no controversy other than a prolonged discussion on
terminology.
Document Quality
This is a problem statement, not a protocol. However it is noted
that the vast majority of IPsec VPN products support some form
of clustering, and there is a strong feeling in the working group
that this document is a step forward in allowing better
interoperability of clustered systems.
Personnel
Yaron Sheffer (yaronf.ietf@gmail.com) is the document shepherd.
Sean Turner (turners@ieca.com) is Responsible Area Director?