[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt

To: v6ops@ops.ietf.org
Subject: Re: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt
From: Tim Chown <tjc@ecs.soton.ac.uk>
Date: Wed, 26 May 2004 22:17:37 +0100
In-reply-to: <Pine.LNX.4.44.0405250914060.12796-100000@netcore.fi>
Mail-followup-to: v6ops@ops.ietf.org
References: <33639.67.84.243.204.1085403691.squirrel@webmail.nac.net> <Pine.LNX.4.44.0405250914060.12796-100000@netcore.fi>
User-agent: Mutt/1.4i

Pekka,

I think ent-scenarios as a draft has been floating around for some time, and
anyone could have offered new or different scenarios if the ones included
weren't deemed representative.  I'm not sure that changing a scenario would 
make a significant difference.

The draft is a difficult one.  The scope is simply *huge*, and thus the text
can always be expanded or improved.   I think what we have, and the specific
scenarios, are good enough.    Let's move on.

Regards your queries, the meanings seem clear to me, re "at secure", "ad hoc
creation" and "bolt on".   The language could perhaps be expanded, but I don't
think the meaning is ambiguous, so again let's move on?

I do plan to write up a campus scenario (and analysis) separately (so I
don't hold up the main thrust), which will be drawn from 6NET experience
(you can look at D2.3.3-bis from 6NET yourself if curious as to the nature
of that scenario text).

Tim

On Tue, May 25, 2004 at 09:29:28AM +0300, Pekka Savola wrote:
> On Mon, 24 May 2004 rfgraveman@nac.net wrote:
> > > I think Example network C, a security defense network, is not
> > > mainstream enough to be applicable to be investigated in the
> > > scenarios.  There are probably 1, 5 or 10 such networks in the world.
> > > We should be focusing on more common scenarios (even addressing
> > > "80/20" would be good).  [I have a few specific comments for
> > > clarification within this example, but I'll send them if this example
> > > is not replaced by something else.]
> > > ...
> > 
> > OTOH, some of these networks are large, and they buy a lot of equipment,
> > so some major vendors take their requirements quite seriously. Therefore,
> > I would be against dropping this case. We can discuss further whether this
> > is exactly the right characterization, however.
> 
> I can see the argument why this needs to be considered .. money is a
> language everybody understands .. but I'm concerned that this would be
> painted as a "model" for v6 deployment, i.e., that other enterprises
> which have very little in common with such defense networks would
> start mimicking their deployment strategies just because those are the
> ones described in our documents.  This is why I'm worried about 
> keeping this here.
> 
> But let's hear if there are more opinions about this.
> 
> In any case, if it stays, this could probably be clarified a bit, 
> like:
> 
>    A Security Defense Network Operation:
>                                                                                   
> ==> add here something like:
> 
>     Note that these kind of networks are uncommon and unfit to be a
>     model or example for deployment for enterprises in general.  
>     However, due to their importance to the vendor community, their
>     requirements should be considered explicitly.
> 
> ...
> 
>      - External network required at secure specific points.
>  
> ==> I had hard time parsing this, "at secure"?  Did you mean:
> 
>      - External network is required, but only at specific, secure, 
>        exit points.
>  
> ...
> 
>      - Network must be able to absorb ad-hoc creation of sub-Networks.
>  
> ==> I didn't quite understand what this meant, please clarify.  (I've 
> a hunch, but..)
> 
>      - Entire parts of the Network are completely mobile.
>  
> ==> are we talking about a mobile network (NEMO sense), or nomadic 
> network (network de-attaches, moves, network re-attaches) ?  The 
> latter would at least be feasible, while the former may be a bit more 
> problematic.  Maybe worth clarifying a bit..
> 
>      - Network must be able to bolt on to the Internet to share
>        bandwidth as required from Providers.
> 
> ==> "bolt on to the Internet" ?  I wasn't sure what this was trying to 
> say -- that the network must be able to multihome for load-sharing 
> purposes, or...?
> 
>      - Nodes must be able to access IPv4 legacy applications over IPv6
>        network.
> 
> ==> are these internal legacy apps, external ones, or possibly both?  
> Isn't this assumptive about IPv6 deployment ("v6-only") and unfit for
> requirements?
> 
> -- 
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> 
>

References:
- Re: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt
  - From: rfgraveman@nac.net
- Re: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt
  - From: Pekka Savola <pekkas@netcore.fi>

Prev by Date: Re: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt
Next by Date: Re: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt
Previous by thread: Re: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt
Next by thread: RE: WG Last Call: draft-ietf-v6ops-ent-scenarios-02.txt
Index(es):
- Date
- Thread