datatracker.ietf.org
Sign in
Version 5.4.0, 2014-04-22
Report a bug

Redirect Mechanism for the Internet Key Exchange Protocol Version 2 (IKEv2)
RFC 5685

Note: This ballot was opened for revision 11 and is now closed.

Summary: Needs a YES. Needs 9 more YES or NO OBJECTION positions to pass.

Adrian Farrel

Comment (2009-07-16)

VPN should be expanded on first use in the Abstract and the main text.
===
IPsec should be referenced on its first use.
===
Abstract says:
   Currently there is no standard mechanism
   specified that allows an overloaded VPN gateway or a VPN gateway that
   is being shut down for maintenance to redirect the VPN client to
   attach to another gateway.  This document proposes a redirect
   mechanism for IKEv2.  The proposed mechanism can also be used in
   Mobile IPv6 to enable the home agent to redirect the mobile node to
   another home agent.
Would prefer this to be reworded since this I-D creates such a
mechanism. How about...
   This document defines an IKEv2 mechanism
   that allows an overloaded VPN gateway or a VPN gateway that
   is being shut down for maintenance to redirect the VPN client to
   attach to another gateway.  The mechanism can also be used in
   Mobile IPv6 to enable the home agent to redirect the mobile node to
   another home agent.
===
Section 3
   The gateway MUST keep track of those clients that
   indicated support for the redirect mechanism and those that didn't.
Surely it only has to keep track for those clients for which it may
want to perform a redirect?
===
Rename section 5 to:
"Redirect during an active session"
since *all* redirects are gateway initiated.
===
Bit numbers on the figures are out of alignment