Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)

To: "Haddad\, Wassim Michel" <whaddad at qualcomm.com>
Subject: Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)
From: arno at natisbad.org (Arnaud Ebalard)
Date: Mon, 17 Nov 2008 14:45:54 -0800
Cc: IPsec IETF WG ML <ipsec at ietf.org>, Mobopts IRTF WG ML <mobopts at irtf.org>, IETF MEXT WG ML <mext at ietf.org>
Delivered-to: ietfarch-mobopts-web-archive at core3.amsl.com
Delivered-to: mobopts at core3.amsl.com
In-reply-to: <C54744E3.6A58%whaddad at qualcomm.com> (Wassim Michel Haddad's message of "Mon, 17 Nov 2008 12:57:23 -0800")
List-archive: <https://www.irtf.org/mailman/private/mobopts>
List-help: <mailto:mobopts-request@irtf.org?subject=help>
List-id: Mobility Optimizations <mobopts.irtf.org>
List-post: <mailto:mobopts@irtf.org>
List-subscribe: <https://www.irtf.org/mailman/listinfo/mobopts>, <mailto:mobopts-request@irtf.org?subject=subscribe>
List-unsubscribe: <https://www.irtf.org/mailman/listinfo/mobopts>, <mailto:mobopts-request@irtf.org?subject=unsubscribe>
References: <C54744E3.6A58%whaddad at qualcomm.com>
Sender: mobopts-bounces at irtf.org
User-agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.2 (gnu/linux)

Hi,

"Haddad, Wassim Michel" <whaddad at qualcomm.com> writes:

> I have just submitted a new I-D [1] which certainly requires an
> introduction (and disclaimer): it specifies a MIPv6 Route Optimization
> procedure *dedicated* to environments where IPsec/IKE is used between
> peers (MN-HA, MN-CN, MN-MN) for protecting both signaling and data
> traffic.
>
> Some of the improvements provided by this "IPsec Route Optimization"
> mechanism (IRO) are also proposed for the IPsec communications between
> the MN and its HA.
>
> Among the features provided by IRO (introduction of the document as
> a more accurate list):
>
>   * Complete removal of RH2 and HAO (resulting in simplified packet
>     handling on both sides and possibly better compatibility with
>     filtering implemented in the network),
>
> => You can have complete removal of both options without introducing a
> new RO mode.

Sure. But there are additional reasons (and advantages, as provided in
my previous list) to introduce a new RO mode. IMHO, those advantages are
worth the introduction. But I am interested on feedback about those
specific parts of my I-D.

> Please check
> http://www.ietf.org/internet-drafts/draft-haddad-mipshop-tunneling-optimization-01.txt 

I already read version -00. I basically took a look at all I-D and
reference documents associated with tunneling optimizations and MIPv6 RO 
(always in an IPsec context): ERO, BEET, RO design history, your draft
...

Your proposal may have an interest for the common RO case if one intend
to keep the RRP. I just don't. I am convinced that removing the
duplicated states and exchanges when IPsec/IKE are used in a MIPv6
context can provide a far better solution.

>From my perspective, I just don't feel the need to introduce additional
states and exchanges (the PaT) because those are already available
locally (and synchronized over time) on the IPsec/MIPv6 entities
(SA/Bindings). Obviously, this is only true for IPsec entities, which
are (as presented before) my targets.

Thanks for your comments.

Cheers,

a+

ps: note that my -00 lacks pictures to ease the understanding of what
    happens. That's on the todo list for -01.
_______________________________________________
Mobopts mailing list
Mobopts at irtf.org
https://www.irtf.org/mailman/listinfo/mobopts

References:
- Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)
  - From: Haddad, Wassim Michel

Prev by Date: Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)
Next by Date: [Mobopts] ID-update of draft-irtf-mobopts-mmcastv6-ps
Previous by thread: Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)
Index(es):
- Date
- Thread

Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.