1 draft-behringer-mpls-vpn-auth-05.txt62nd IETF, Minneapolis, 7-11 Mar 2005 MPLS VPN Import/Export Verification draft-behringer-mpls-vpn-auth-05.txt Michael.

Slides:



Advertisements
Similar presentations
APNOMS03 1 A Resilient Path Management for BGP/MPLS VPN Jong T. Park School of Electrical Eng. And Computer Science Kyungpook National University
Advertisements

1 IETF 74, 30 Jul 2009draft-ietf-tsvwg-rsvp-security-groupkeying-05.txt Applicability of Keying Methods for RSVP security draft-ietf-tsvwg-rsvp-security-groupkeying-05.txt.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—5-1 Module Summary The VRF table is a virtual routing and forwarding instance separating sites.
MPLS Over L3VPN Ron Bonica. Reference Model and Requirement 1 C0 CE1 CE2 C3 PE1 P1 Customer VPN Site A Customer VPN Site B Service Provider L3VPN Customer.
Problem Statement and Architecture for Information Exchange Between Interconnected Traffic Engineered Networks draft-farrel-interconnected-te-info-exchange-03.txt.
MPLS/VPN Security Threats and Defensive Techniques (provider provision) Speaker : JET 3,1’2004.
Status of L3 PPVPN Working Group Documents Ross Callon Ron Bonica Rick Wilder.
L3vpn end-system draft Pedro Marques. Overview Defines a mechanism to associate an end- system virtual interface to an L3VPN. – Co-located forwarder:
MPLS over L2TPv3 for support of RFC 2547-based BGP/MPLS IP VPNs
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—6-1 Complex MPLS VPNs Introducing Managed CE Router Service.
BGP L3VPN Virtual PE draft-fang-l3vpn-virtual-pe-01
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Forwarding MPLS VPN Packets.
Ietf-64 draft-kulmala-l3vpn-interas-option-d-01.txt Additional Inter AS option for BGP/MPLS IP VPN IETF-64 draft-kulmala-l3vpn-interas-option-d-01.txt.
BGP L3VPN Virtual PE draft-fang-l3vpn-data-center-interconnect-01 L. Fang R. Fernando D. Rao S. Boutros IETF 88, Vancouver, Nov
Ietf-65 draft-kulmala-l3vpn-interas-option-d-02.txt ASBR VRF Context for BGP/MPLS IP VPN IETF-65 draft-kulmala-l3vpn-interas-option-d-02.txt Marko Kulmala.
66th IETF Montreal July 2006 Requirements for delivering MPLS services Over L3VPN draft-kumaki-l3VPN-e2e-mpls-rsvp-te-reqts-01.txt Kenji Kumaki KDDI, Editor.
November th Requirements for supporting Customer RSVP and RSVP-TE over a BGP/MPLS IP-VPN draft-kumaki-l3VPN-e2e-mpls-rsvp-te-reqts-05.txt.
Kenji Kumaki KDDI, Editor Raymond Zhang BT Nabil Bitar Verizon
November th Diego Requirements for delivering MPLS services over L3VPN draft-kumaki-l3VPN-e2e-mpls-rsvp-te-reqts-02.txt Kenji Kumaki KDDI,
L3VPN WG IETF 78 09/11/ :00-15:00 Chairs: Marshall Eubanks Danny McPherson Ben Niven-Jenkins.
BGP-MPLS VPN extension for IPv4/IPv6 Hybrid Network Defeng Li Huawei Technologies.
VPN4DC Discussion VPN4DC Team Taipei, Taiwan.
Multiaccess VPN Project. Team Members © 2002, Multiaccess VPN
Inter AS option D (draft-mapathak-interas-option-d-00) Manu Pathak Keyur Patel Arjun Sreekantiah November 2012.
PWE3 Agenda – Monday 8 th Nov 15 min - Agenda bash, WG Agenda and Status - Andy Malis and Matthew Bocci 5 min - Dynamic Placement of Multi Segment Pseudo.
1 Miscellaneous Capabilities for IP Network Infrastructure IETF 64 Vancouver, BC, Canada November 2005.
BGP L3VPN Virtual CE draft-fang-l3vpn-virtual-ce-01 Luyuan Fang Cisco John Evans Cisco David Ward Cisco Rex Fernando Cisco John Mullooly Cisco Ning So.
PWE3 WG Status IETF-88 Andy Malis Matthew Bocci Secretary:
IETF 66 L1VPN Basic Mode Draft draft-ietf-l1vpn-basic-mode-00.txt Don Fedyk (Editor) Yakov Rekhter (Editor)
BGP L3VPN Virtual PE draft-fang-l3vpn-virtual-pe-04 Luyuan Fang David Ward Rex Fernando Maria Napierala Nabil Bitar Dhananjaya Rao Bruno Rijsman Ning So.
57 th IETF VIENNA draft-sheng-ppvpn-isis-bgp-mpls vpn-01.txt 57 th IETF meeting IS-IS as the PE/CE Protocol in BGP/MPLS VPN draft-sheng-ppvpn-isis-bgp-mpls-00.txt.
Status of L3 PPVPN Working Group Documents August 2004 – San Diego IETF Ross Callon Ron Bonica Rick Wilder.
Status of L3 PPVPN Working Group Documents March 2005 – Minneapolis IETF Ross Callon Ron Bonica Rick Wilder.
Status of L3 PPVPN Working Group Documents November 2003 Ross Callon Ron Bonica Rick Wilder.
L3VPN WG IETF 78 30/07/ :00-11:30 Chairs: Marshall Eubanks Danny McPherson Ben Niven-Jenkins.
OSPF WG – IETF 66 OSPF WG Document Status Rohit Dube/Consultant Acee Lindem/Cisco Systems.
73rd IETF Minneapolis Nov Framework and Requirements for Virtual Private Multicast Service (VPMS) draft-kamite-l2vpn-vpms-frmwk-requirements-02.txt.
Draft-asati-bgp-mpls-blackhole-avoidance-00.txt1 BGP/MPLS Traffic Blackhole Avoidance Proposal draft-asati-bgp-mpls-blackhole-avoidance-00 Rajiv Asati.
BGP/MPLS VPN Virtual PE draft-fang-l3vpn-virtual-pe-05 Luyuan Fang, Ed. David Ward Rex Fernando Maria Napierala Nabil Bitar Dhananjaya Rao Bruno Rijsman.
MPLS WG Minneapolis Agenda bash draft-ietf-mpls-fastreroute-mib has been moved to the MPLS-TP session.
1 We apologize for not using open source software 1 IP-based Tool Requirements for MPLS Networks Tom Nadeau George Swallow
Inter-AS Options for NVO3 and BGP/MPLS VPN Weiguo Hao, Lucy Yong, Sue Hares, Robert Raszuk Luyuan Fang, Osama Zia, Shahram Davari, Andrew Qu March 2015.
70th IETF Vancouver, December 2007 CCAMP Working Group Status Chairs: Deborah Brungard : Adrian Farrel :
NEMO Basic Support update IETF 61. Status IANA assignments done Very close to AUTH48 call Some issues raised recently We need to figure out if we want.
2547 egress PE Fast Failure Protection draft-minto-2547-egress-node-fast-protection-00 Jeyananth Minto Maciek
BGP L3VPN Virtual PE draft-fang-l3vpn-data-center-interconnect-01 L. Fang R. Fernando D. Rao S. Boutros Cisco IETF 86, Orlando, FL, 3/16/2013.
1 IETF 91, 10 Nov 2014draft-behringer-anima-reference-model-00.txt A Reference Model for Autonomic Networking draft-behringer-anima-reference-model-00.txt.
Support for RSVP-TE in L3VPNs Support for RSVP-TE in L3VPNs draft-kumaki-murai-ccamp-rsvp-te-l3vpn-01.txt Kenji Kumaki KDDI Corporation Tomoki Murai Furukawa.
1 MTU Extended Community for BGP-4 Q. Zeng, J. Dong (Huawei Technologies) IETF81 IDR July 2011 Quebec draft-zeng-idr-bgp-mtu-extension-00.
1 Security Framework for MPLS and GMPLS Networks draft-mpls-mpls-gmpls-security-framework-03.txt Luyuan Fang Michael Behringer Ross Callon Jean-Luis Le.
Reconciling the L3VPN Authentication Drafts (Singing “Kumbaya”) M Behringer R Bonica.
CE Based Membership Verification for L3VPN
91th IETF, 10 Nov 2014  Michael Behringer Steinthor Bjarnason Balaji BL
Applicability Statement for Layer 1 Virtual Private Networks (L1VPNs) Basic Mode draft-takeda-l1vpn-applicability-basic-mode-00.txt Deborah Brungard (AT&T)
Raymond Aubin (Nortel) Marco Carugi (Nortel) Ichiro Inoue (NTT)
draft-nadeau-ietf-oam-requirements-01
J.W. Atwood PIM WG 2010/03/23 The KARP Working Group J.W. Atwood PIM WG 2010/03/23
Tomohiro Otani Kenji Kumaki Satoru Okamoto Wataru Imajuku
IS-IS WG IS-IS Cryptographic Authentication Requirements
L1VPN Working Group Scope
Diameter NASReq Application Status
Thomas Nadeau Yacine El Mghazli Kwok Ho Chan
Radius Attribute for MAP draft-jiang-softwire-map-radius-03
IETF Working Group CSCI 344 Spring 2016 Report <Your name>
Loop Protection in EVPN Networks draft-snr-bess-evpn-loop-protect-00
Signaled PID When Multiplexing Multiple Payloads over RSVP-TE LSPs draft-ali-mpls-sig-pid-multiplexing-case-00.txt Zafar Ali, Cisco Systems.
IETF Liaison Report May 2004 Dorothy Stanley – Agere Systems
Signal Conditioning.
Inter-AS MVPN: Multihoming Considerations
OSPF WG Supporting Authentication Trailer for OSPFv3
Presentation transcript:

1 draft-behringer-mpls-vpn-auth-05.txt62nd IETF, Minneapolis, 7-11 Mar 2005 MPLS VPN Import/Export Verification draft-behringer-mpls-vpn-auth-05.txt Michael Behringer Jim Guichard Pedro Roque Marques

2 draft-behringer-mpls-vpn-auth-05.txt62nd IETF, Minneapolis, 7-11 Mar 2005 This Draft Addresses: RFC 2547 BGP/MPLS VPN RT misconfiguration protection: –If the SP misconfigures the RT on a PE, security of the VPN is compromised

3 draft-behringer-mpls-vpn-auth-05.txt62nd IETF, Minneapolis, 7-11 Mar 2005 Current Status: Routing Authentication with MD5 CE PE CE VRF k1 k2 PE VRF k2k1 Routing MD5 auth No end-to-end MD5 authentication

4 draft-behringer-mpls-vpn-auth-05.txt62nd IETF, Minneapolis, 7-11 Mar 2005 Our idea: Link the MD5’s CE PE CE VRF k1 k2 PE VRF k2k1 Routing MD5 auth

5 draft-behringer-mpls-vpn-auth-05.txt62nd IETF, Minneapolis, 7-11 Mar 2005 Comparison to Bonica draft Our draftBonica draft Requires CE/site to participateNoYes Allows verification by siteNoYes Works with Route ReflectorsYes Requires routing PE-CEYesNo Requires new signalling PE-CENoYes xor

6 draft-behringer-mpls-vpn-auth-05.txt62nd IETF, Minneapolis, 7-11 Mar 2005 Questions Is this work useful? What is wrong / missing / … ? Does this work fit into the PPVPN WG? Goal: Accept as WG document