IPsec Cluster Problem Statement
RFC 6027
Approval announcement
Draft of message to be sent after approval:
From: The IESG <iesg-secretary@ietf.org> To: IETF-Announce <ietf-announce@ietf.org> Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>, ipsecme mailing list <ipsec@ietf.org>, ipsecme chair <ipsecme-chairs@tools.ietf.org> Subject: Document Action: 'IPsec Cluster Problem Statement' to Informational RFC The IESG has approved the following document: - 'IPsec Cluster Problem Statement ' <draft-ietf-ipsecme-ipsec-ha-09.txt> as an Informational RFC This document is the product of the IP Security Maintenance and Extensions Working Group. The IESG contact persons are Sean Turner and Tim Polk. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-ipsec-ha-09.txt
Technical Summary This document describes the problems associated with clustering of IKE/IPsec VPN endpoints using the existing set of standards. It is claimed that the amount and volatility of IKE/IPsec state result in numerous challenges for such clustering. The document defines terminology for high availability and load sharing clusters implementing IKE and IPsec, and describes gaps in the existing standards. Working Group Summary There was no controversy other than a prolonged discussion on terminology. Document Quality This is a problem statement, not a protocol. However it is noted that the vast majority of IPsec VPN products support some form of clustering, and there is a strong feeling in the working group that this document is a step forward in allowing better interoperability of clustered systems. Personnel Yaron Sheffer (yaronf.ietf@gmail.com) is the document shepherd. Sean Turner (turners@ieca.com) is Responsible Area Director?