Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Security Framework for MPLS and GMPLS Networks draft-mpls-mpls-gmpls-security-framework-03.txt Luyuan Fang Michael Behringer Ross Callon Jean-Luis Le.

Published byBuddy Bradley Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Security Framework for MPLS and GMPLS Networks draft-mpls-mpls-gmpls-security-framework-03.txt Luyuan Fang Michael Behringer Ross Callon Jean-Luis Le."— Presentation transcript:

1 1 Security Framework for MPLS and GMPLS Networks draft-mpls-mpls-gmpls-security-framework-03.txt Luyuan Fang Michael Behringer Ross Callon Jean-Luis Le Roux Raymond Zhang Paul Knight Yaakov Stein Nabil Bitar Jerry Ash Monique Morrow Richard Graveman Adrian Farrel July 28, 2008 72 IETF, Dublin

2 2 Status Update IETF 67 - San Diego –Project first proposed at MPLS WG in November 2006. –Design team formed (members listed on front page). IETF 68 - Prague –00 draft presented at MPLS WG and CCAMP WGs in March 2007 –Gathered feedback from the MPLS and CCAMP WGs, Security and Routing ADs IETF 69 – Chicago –01 draft presented at MPLS and CCAMP WGs in July 2007. –Request to become working group document –Draft was approved to become MPLS WG document after IETF 69 IETF 70 – Vancouver –00 WG draft posted in Sept. 2007. 01 draft posted in Nov. 2007 –01 draft presented at MPLS WGs, and status update at CCAMP –Prepare for WG last call, request for early review IETF 71 – Philadelphia –02 draft presented at MPLS WG in March 2008 –Discuss gen-art early review comments and other comments –Getting ready for WG last call IETF 72 – Dublin –03 draft issued, addressed gen-art comments and other comments –Request for MPLS and CCAMP WGs last call

3 Changes in 03 draft Changes based on Scott Brim’s gen-art early review comments. Previous L2, L3, Link layer definition removed; made core definition consistent; Modification in control plane attacks; add PE-CE bi- direitonal authentication, and minor structual and editor changes. Scoot is happy about the changes. Changes based on Stephen Farrell’s comments and Ross’s discussion regarding upstream label allocation. Discussed with Stephen Farrell, and Ross. Updated the text to reflect label allocation can be downstream or upstream, however, we did not see new security mechanisms need to be introduced due to upstream label allocation. Changes based on Kannan Varadhan’s comments. Indicated the entire network can be compromised under the attack of LSP created by an unauthorized element; added IPv6 in filtering in addition to IPv4. More discussion with Kannan on MPLS/GMPLS specific security threats, Defensive techniques for MPLS/GMPLS Network; SP General security requirements; MPLS/GMPLS inter- provider security requirements.

4 Planned changes GMPLS data plane security per Adrian’s suggestions Unlike MPLS, GMPLS data plane may be divorced from the GMPLS control plane. GMPLS Data links may be deliberately or accidentally misconnected without causing faults in the control plane. Protect from misconnection attacks and connectivity verification Ref applicability of groupkeying for RSVP Short description and add reference to “Applicability of Keying Methods for RSVP Security” - draft-ietf-tsvwg-rsvp-security- groupkeying-01.txt

5 5 Next Step Request for MPLS and CCAMP WGs last call

Download ppt "1 Security Framework for MPLS and GMPLS Networks draft-mpls-mpls-gmpls-security-framework-03.txt Luyuan Fang Michael Behringer Ross Callon Jean-Luis Le."

Similar presentations

71 th IETF – Philadelphia, USA March 2008 PCECP Requirements and Protocol Extensions in Support of Global Concurrent Optimization Young Lee (Huawei) J-L.

71 th IETF – Philadelphia, USA March 2008 PCECP Requirements and Protocol Extensions in Support of Global Concurrent Optimization Young Lee (Huawei) J-L.
71st IETF Philadelphia, March 2008 ERO Extensions for Path Key draft-bradford-ccamp-path-key-ero-01.txt Richard Bradford : JP Vasseur.

71st IETF Philadelphia, March 2008 ERO Extensions for Path Key draft-bradford-ccamp-path-key-ero-01.txt Richard Bradford : JP Vasseur.
1 IETF 74, 30 Jul 2009draft-ietf-tsvwg-rsvp-security-groupkeying-05.txt Applicability of Keying Methods for RSVP security draft-ietf-tsvwg-rsvp-security-groupkeying-05.txt.

1 IETF 74, 30 Jul 2009draft-ietf-tsvwg-rsvp-security-groupkeying-05.txt Applicability of Keying Methods for RSVP security draft-ietf-tsvwg-rsvp-security-groupkeying-05.txt.
MPLS/GMPLS Migration and Interworking CCAMP, IETF 64 Kohei Shiomoto,

MPLS/GMPLS Migration and Interworking CCAMP, IETF 64 Kohei Shiomoto,
Problem Statement and Architecture for Information Exchange Between Interconnected Traffic Engineered Networks draft-farrel-interconnected-te-info-exchange-03.txt.

Problem Statement and Architecture for Information Exchange Between Interconnected Traffic Engineered Networks draft-farrel-interconnected-te-info-exchange-03.txt.
Status of L3 PPVPN Working Group Documents Ross Callon Ron Bonica Rick Wilder.

Status of L3 PPVPN Working Group Documents Ross Callon Ron Bonica Rick Wilder.
December 10, 20001 Policy Terminology - 01 Report for 49th IETF Preview for AAA Arch RG John Schnizlein.

December 10, Policy Terminology - 01 Report for 49th IETF Preview for AAA Arch RG John Schnizlein.
66th IETF Montreal July 2006 Requirements for delivering MPLS services Over L3VPN draft-kumaki-l3VPN-e2e-mpls-rsvp-te-reqts-01.txt Kenji Kumaki KDDI, Editor.

66th IETF Montreal July 2006 Requirements for delivering MPLS services Over L3VPN draft-kumaki-l3VPN-e2e-mpls-rsvp-te-reqts-01.txt Kenji Kumaki KDDI, Editor.
Draft-ietf-mpls-tp-mib-management-overview-03 Multiprotocol Label Switching Transport Profile (MPLS-TP) MIB-based Management Overview draft-ietf-mpls-tp-mib-management-overview-03.

Draft-ietf-mpls-tp-mib-management-overview-03 Multiprotocol Label Switching Transport Profile (MPLS-TP) MIB-based Management Overview draft-ietf-mpls-tp-mib-management-overview-03.
61st IETF Washington DC November 2004 Detecting P2MP Data Plane Failures draft-yasukawa-mpls-p2mp-lsp-ping-00.txt Seisho Yasukawa -

61st IETF Washington DC November 2004 Detecting P2MP Data Plane Failures draft-yasukawa-mpls-p2mp-lsp-ping-00.txt Seisho Yasukawa -
Kenji Kumaki KDDI, Editor Raymond Zhang BT Nabil Bitar Verizon

Kenji Kumaki KDDI, Editor Raymond Zhang BT Nabil Bitar Verizon
MPLS-TP - 79th IETF1 MPLS-TP Control Plane Framework draft-ietf-ccamp-mpls-tp-cp- framework-03.txt Contributors: Loa Andersson Lou Berger Luyuan Fang Nabil.

MPLS-TP - 79th IETF1 MPLS-TP Control Plane Framework draft-ietf-ccamp-mpls-tp-cp- framework-03.txt Contributors: Loa Andersson Lou Berger Luyuan Fang Nabil.
MPLS-TP - 78th IETF1 MPLS-TP Control Plane Framework draft-ietf-ccamp-mpls-tp-cp- framework-02.txt Contributors: Loa Andersson Lou Berger Luyuan Fang Nabil.

MPLS-TP - 78th IETF1 MPLS-TP Control Plane Framework draft-ietf-ccamp-mpls-tp-cp- framework-02.txt Contributors: Loa Andersson Lou Berger Luyuan Fang Nabil.
69th IETF Chicago, July 2007 CCAMP Working Group Charter and Liaisons.

69th IETF Chicago, July 2007 CCAMP Working Group Charter and Liaisons.
1 Security Framework for MPLS-TP draft-fang-mpls-tp-security-framework-04.txt Luyuan Fang Ben Niven-Jenkins Scott.

1 Security Framework for MPLS-TP draft-fang-mpls-tp-security-framework-04.txt Luyuan Fang Ben Niven-Jenkins Scott.
1 Security Framework for MPLS-TP draft-fang-mpls-tp-security-framework-02.txt Luyuan Fang Ben Niven-Jenkins Raymond.

1 Security Framework for MPLS-TP draft-fang-mpls-tp-security-framework-02.txt Luyuan Fang Ben Niven-Jenkins Raymond.
78 IETF, Maastricht, Netherlands

78 IETF, Maastricht, Netherlands
November 200667th Diego Requirements for delivering MPLS services over L3VPN draft-kumaki-l3VPN-e2e-mpls-rsvp-te-reqts-02.txt Kenji Kumaki KDDI,

November th Diego Requirements for delivering MPLS services over L3VPN draft-kumaki-l3VPN-e2e-mpls-rsvp-te-reqts-02.txt Kenji Kumaki KDDI,
64th IETF Vancouver November 2005 CCAMP Working Group Online Agenda and Slides at:

64th IETF Vancouver November 2005 CCAMP Working Group Online Agenda and Slides at:
Page - 1 70 th IETF Vancouver, B.C., Canada Operating Virtual Concatenation (VCAT) and the Link Capacity Adjustment Scheme (LCAS) with GMPLS Greg Bernstein.

Page th IETF Vancouver, B.C., Canada Operating Virtual Concatenation (VCAT) and the Link Capacity Adjustment Scheme (LCAS) with GMPLS Greg Bernstein.

Similar presentations

Ads by Google