Technical Summary
This document describes the problems associated with clustering
of IKE/IPsec VPN endpoints using the existing set of standards.
It is claimed that the amount and volatility of IKE/IPsec state
result in numerous challenges for such clustering. The document
defines terminology for high availability and load sharing
clusters implementing IKE and IPsec, and describes gaps in the
existing standards.
Working Group Summary
There was no controversy other than a prolonged discussion on
terminology.
Document Quality
This is a problem statement, not a protocol. However it is noted
that the vast majority of IPsec VPN products support some form
of clustering, and there is a strong feeling in the working group
that this document is a step forward in allowing better
interoperability of clustered systems.
Personnel
Yaron Sheffer (yaronf.ietf@gmail.com) is the document shepherd.
Sean Turner (turners@ieca.com) is Responsible Area Director?