1 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF VRRP Working Group March 2003 San Francisco IETF Mukesh Gupta / Nokia Chair.

Slides:

Advertisements

Similar presentations

NSIS WG 71th IETF Philadelphia, PA, USA March 12, 2008 WG chairs:John Loughney Martin Stiemerling.

Advertisements

OSPF WG - IETF 66 OSPF Protocol Evolution WG Re-Charter Acee Lindem/Cisco Systems.

SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.

Detecting Network Attachment IETF61 Chairs: Pekka Nikander, Greg Daley.

Tcpsecure ipr 1 Cisco IPR Disclosure Relating to tcpsecure Scott Bradner

69th IETF Chicago, July 2007 CCAMP Working Group Charter and Liaisons.

DNSEXT-63 Next steps in Trust Anchor Management for DNSSEC Ólafur Guðmundsson

MANET Where are we? Where are we going? Adrian Farrel Routing AD Honolulu – November 2015 – IETF-91.

Abierman-rmonwg-17mar03 1 RMONMIB WG 56th IETF San Francisco, California March 17, 2003 Discussion: Admin:

Doc.: IEEE /1096r0 Submission November 2005 Mike Moreton, STMicroelectronicsSlide 1 Emergency Call Support Notice: This document has been prepared.

Network Security Principles & Practices

IPv6 WORKING GROUP (IPNGWG) March 2001 Minneapolis IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

1 IPFIX Protocol Specifications IPFIX IETF-59 March 3, 2004 Benoit Claise Mark Fullmer Reinaldo Penno Paul Calato Stewart Bryant Ganesh Sadasivan.

1 Virtual Router Redundancy Protocol (VRRP) Speaker: Li-Wen Chen Date:

IPv6 Document Status and Action Plan Margaret Wasserman IETF56 San Francisco March 2003.

IPR in the IETF Personal Thoughts from an AD Adrian Farrel Thanks to: Dave Ward, Ross Callon, Scott Brander, Jorge Contreras,

Audio/Video Transport Working Group 49th IETF, San Diego December 2000 Stephen Casner -- Packet Colin Perkins -- ISI,

MPTCP – MULTIPATH TCP Interim meeting #3 20 th October 2011 audio Yoshifumi Nishida Philip Eardley.

IPv6 WORKING GROUP December 2001 Salt Lake City IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

XCON IETF 64 November 8 th – 9 th, 2005 Vancouver, BC, Canada.

IETF Adrian Farrel & Scott Bradner. Apologies to those who have seen this before It cannot be said often enough It is fundamental to how the IETF.

SHIM6 Protocol Drafts Overview Geoff Huston, Marcelo Bagnulo, Erik Nordmark.

IPv6 WORKING GROUP July 2002 Yokohama IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Margaret Wasserman / Wind River Co-Chairs.

IPv6 WORKING GROUP March 2002 Minneapolis IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

BFD Working Group Document Status – IETF 78 Jeffrey Haas, Dave Ward,

Node Information Queries July 2002 Yokohama IETF Bob Hinden / Nokia.

Status of L3 PPVPN Working Group Documents March 2005 – Minneapolis IETF Ross Callon Ron Bonica Rick Wilder.

SRI International 1 Topology Dissemination Based on Reverse-Path Forwarding (TBRPF) Richard Ogier September 21, 2002.

1 Achieving Local Availability of Group SA Ya Liu, Bill Atwood, Brian Weis,

IPv6 WORKING GROUP (IPNGWG) December 2000 San Diego IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

Mobile IPv6 with IKEv2 and revised IPsec architecture IETF 61

Update on the IETF Diffserv Working Group NANOG 13 Detroit, MI June 8, 1998 Kathleen M. Nichols

RTP Splicing Status Update draft-ietf-avtext-splicing-for-rtp-11 Jinwei Xia.

A Framework for Session Initiation Protocol User Agent Profile Delivery (draft-ietf-sipping-config-framework-11) SIPPING – IETF 68 Mar 19, 2007 Sumanth.

7/27/2004IETF San-Diego Plenary meeting 8/2004 EPON MIBs Lior Khermosh – Passave Technologies

Network Security Principles & Practices By Saadat Malik Cisco Press 2003.

1 ipv6-node-02.PPT/ 18 November 2002 / John Loughney IETF 55 IPv6 Working Group IPv6 Node Requirements draft-ietf-ipv6-node-requirements-02.txt John Loughney.

Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.

70th IETF Vancouver, December 2007 CCAMP Working Group Status Chairs: Deborah Brungard : Adrian Farrel :

Draft-melia-mipshop-mobility-services-ps-01.txt. From IETF #66 Discuss MIH PS (as expressed by the WG chair) Need a single PS at WG level (several drafts.

July 2007 CAPWAP Protocol Specification Editors' Report July 2007

NEMO Basic Support update IETF 61. Status IANA assignments done Very close to AUTH48 call Some issues raised recently We need to figure out if we want.

NETLMM BOF IETF 64 James Kempf, DoCoMo Labs USA Phil Roberts, Motorola Labs November 7, 2005.

IETF 69, July 2007Slide 1 Preferential Forwarding Status bit Definition draft-muley-dutta-pwe3-redundancy-bit-01.txt Praveen Muley, Pranjal K. Dutta, Mustapha.

BSR Spec Status BSR Spec authors 03/06. Status ID refreshed (now rev-07) Resolved remaining issues we had on our list Updated to reflect WG

ROLL Working Group Meeting IETF-82, Tapei, November 2011 Online Agenda and Slides at: bin/wg/wg_proceedings.cgi Co-chairs:

1 cellhost-ipv6-52.ppt/ December 13, 2001 / John A. Loughney Minimum IPv6 Functionality for a Cellular Host John Loughney, Pertti Suomela, Juha Wiljakka,

IPFIX Requirements: Document Changes and New Issues Raised Jürgen Quittek, NEC Benoit Claise, Cisco Tanja Zseby, Sebstian Zander, FhG FOKUS.

Dhc WG 3/2/2004, IETF 59, Seoul. 3/2/2004dhc WG - IETF 59, Seoul2 Agenda Administrivia, Agenda bashing Ralph Droms 05 minutes DHCP Option for Proxy Server.

DIME WG IETF 83 DIME WG Agenda & Status Thursday, March 29, 2012 Jouni Korhonen, Lionel Morand.

Design Guidelines for IPv6 Networks draft-matthews-v6ops-design-guidelines Philip Matthews Alcatel-Lucent.

SIP Working Group IETF Chairs -- Rohan MAHY Dean WILLIS.

Moving IPv6 Documents to Draft Standard IETF 53 Minneapolis, MN March 18th, 2002.

IPng WORKING GROUP November 1999 Washington DC IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

SEND WG IETF 57, Vienna Monday, July 14, 9:00 am.

28 October 2016 Webex IPv6 over the TSCH mode of IEEE e

draft-nitish-vrrp-bfd-02

SACM Virtual Interim Meeting

Request History Capability – Requirements & Solution

IETF 55 IPv6 Working Group IPv6 Node Requirements

IP Router-Alert Considerations and usage

In-Band Authentication Extension for Protocol Independent Multicast (PIM) draft-bhatia-zhang-pim-auth-extension-00 Manav Bhatia

IETF57 Vienna July 2003 Bob Hinden & Margaret Wasserman Chairs

Virtual Router Redundancy Protocol (VRRP)

SACM Virtual Interim Meeting

Protocol for Carrying Authentication for Network Access - PANA -

STIR WG IETF-100 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-01) November, 2017 Ray P. Singh, Martin Dolly, Subir Das,

IEEE MEDIA INDEPENDENT HANDOVER DCN:

PIM Backup DR Mankamana Mishra IETF-102

draft-ietf-bier-ipv6-requirements-01

Presentation transcript:

1 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF VRRP Working Group March 2003 San Francisco IETF Mukesh Gupta / Nokia Chair

2 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF AGENDA Introduction and Review Agenda Milestones/Plans Current Drafts Security Issues with VRRP VRRPv3 VRRPv3 MIB IPR Issues Further Interests of the WG

3 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF WG MILESTONES/PLANS Mar Resolve open issues with authentication methods Mar Submit updated version of VRRP (IPv4) for Draft Standard May Submit VRRP for IPv6 (VRRPv3) for Proposed Standard Jul Submit MIB for VRRPv3 for Proposed Standard Dec Review the WG goals and future potential

4 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF CURRENT DRAFTS VRRPv2 (for IPv4) VRRPv3 (for IPv6) Coming Soon: VRRPv3 MIB VRRP IPSEC-AH Authentication Specification (???)

5 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF SECURITY ISSUES Problem: Clear text password does not provide much security. IPsec AH might provide little security but more details need to be specified. All the security mechanisms make the situation worse in case of mis- configuration. (2 Masters !!) Still vulnerable to all the LAN attacks Proposed Solution: Remove the security mechanisms from VRRP and write a good security section Work on a separate draft for providing IPsec AH security for VRRP (if enough interest in WG ??)

6 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF SECURITY ISSUES QUESTIONS More Questions: (How do we do it ?) Discourage or Remove fields from the header ? Backward compatibility issues when removing security ? Do we need to update the version number ? Do we need to recycle VRRPv2 through PS again ? Do we need to update VRRPv2 MIB (RFC 2787) ? Anything else ??? The Question: Anyone against removing security ? Say it Now !!

7 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF VRRPv3 The current draft is draft-ietf-vrrp-ipv6-spec-03.txt Needs to be reviewed. Did anyone review it ? Are there any implementations ? Or Plans ? Can’t move forward without implementation experience !

8 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF VRRPv3 MIB Needed before VRRPv3 draft moves to PS Kalyan, Kripakaran and Brian have started working on it New draft instead of updating the existing one A draft will be submitted to the WG soon Please review it !!

9 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF IPR ISSUES (Cisco) We found the following statement from Robert Barr, Cisco at "Cisco will not assert any patent claims against anyone for an implementation of IETF standard for VRRP unless a patent claim is asserted against Cisco, in which event Cisco reserves the right to assert patent claims defensively. If a licensee would prefer a royalty-bearing license, we would make one available." Robert confirmed this statement in an again on December 18, 2002 “That is our current position.”

10 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF IPR Issues (IBM) No answer has been received from IBM yet !!

11 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF ARE WE INTERESTED IN.. “IPsec AH Security for VRRP” draft ? available at Removing Priority value 0 (hold the election now) option ? Issues and Arguments document ? Anything else ?

12 Virtual Router Redundancy Protocol (VRRP) San Francisco IETF Thank You