Editor's note: These minutes have not been edited. VTP - BOF 37th IETF - San Jose, Ca. 12/11/96 Reported by: Pat Henkle, US Robotics Access Corp. No one bashed the agenda Larger Font requested Poor lighting Make presentation available over the net. FTP://elroy.usr.com/pub/ietf/vtp.ppt and vtp.ps Document name is Draft-calhoun-vtp-protocol-00.txt Why do we think that PPP can not be used over cable networks - shared media model Focus on the differences from layer 2 tunneling Performance w/ distributed PPP processing is a key differentiator Idea to actually have the "more trusted" router to initiate tunnels for security control Support for less than 128 bit keys - export issues need to be considered. This is only a problem with encryption, not authentication. Fit w/ multi link bundles should be included - helps address multi link latency issues when tunneling accross network. Mobile IP comparison - does not address Roaming users Should review Bill Simpson's security associations w / tunnels for consideration of some of those ideas. Does not address multi-protocol. Interest? Why not merge w/ l2tp - time to market, PPP focus, SECURITY is important Complexity advantages of VTP over l2tp need to be articulated Discussion of multi-link bundle challenges with l2tp and pptp latency problem lost packets over Internet Consider using SA identifier in AH header w/ IPSEC Comparissons l2tp VTP IPSEC (tunnel mode) complexity simplicity ? 5 messages 2 messages ? NAS/router NAS/router NAS/router router/router - router/router IPSEC friendly IPSEC friendly - possible multilink possible multilink - latency issue improved latency - Distributed PPP Central PPP dogleg eliminator VTP may be easier to on clients which do not already have PPP. Sme of these are low powered CPU. Also, VTP would facilitate tunnel redirection since there is less state information than for L2TP tunnels.. Remove specific KDC scheme - point to others i.e., ISAKMP must use IPSEC to be considered consider tunnel redundancy / redirection VTP and IPSEC very similar - need to refine comparissons Strawman poll how many folks think PPP should be REQUIRED to do tunneling? - very few how many folks think PPP should NOT be REQUIRED to do tunneling? - most NEXT STEPS explore l2tp w/o PPP requirement to get distributed PPP