I have been selected as the General Area Review Team (Gen-ART) reviewer for this draft (for background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html ).

Please wait for direction from your document shepherd or AD before posting a new version of the draft.

Document: draft-ietf-ipsecme-ad-vpn-problem-07.txt
Reviewer: Suresh Krishnan
Review Date: 2013/06/24
IESG Telechat date: 2013/06/27

Summary: This draft is almost ready for publication as an Informational RFC but I do have a few comments that the authors may want to consider.

Minor
=====

* Section 2.3

The following sentence is a bit confusing. How does a mobile user connect to a new gateway without reinitiating a connection? Can you please clarify or reword.

"The mobile user ought to be able to discover and then connect to the current most efficient gateway without having to reinitiate the connection."

* Section 4.1. Requirement 5

Shouldn't there be a requirement here that states what kind of damage is allowed and prohibited in case a hub node is compromised?

* Section 4.1. Requirement 12

It is unclear what this requirement means. Is the requirement for the solution to integrate with multicast routing protocols to come up with a different (and optimized) multicast ADVPN topology or to simply allow the advpn to carry (flattened out) multicast traffic?

* Section 4.1. Requirement 14

Are there any special requirements that L3VPN poses on top of what is required for carrying generic IP traffic? If so, can you elaborate here.

Thanks
Suresh