Provider Provisioned Virtual Private Networks (ppvpn) ----------------------------------------------------- Charter Last Modified: 2002-09-25 Current Status: Active Working Group Chair(s): Rick Wilder Marco Carugi Sub-IP Area Director(s): Scott Bradner Bert Wijnen Sub-IP Area Advisor: Scott Bradner Technical Advisor(s): Alex Zinin Mailing Lists: General Discussion:ppvpn@ppvpn.francetelecom.com To Subscribe: sympa@ppvpn.francetelecom.com with In Body: (UN)SUBSCRIBE ppvpn in message body Archive: http://ppvpn.francetelecom.com Description of Working Group: This working group is responsible for defining and specifying a limited number of sets of solutions for supporting provider-provisioned virtual private networks (PPVPNs). The work effort will include the development of a framework document, a service requirements document and several individual technical approach documents that group technologies together to specify specific VPN service offerings. The framework will define the common components and pieces that are needed to build and deploy a PPVPN. Deployment scenarios will include provider-managed VPN components located on customer premises. The service requirement document will detail the requirements individual PPVPN approaches must satisfy from a Service Provider (SP) perspective. Particular attention will be placed on SP requirements for security, privacy, scalability and manageability considering such factors as Service Provider's projections for number, complexity, and rate of change of customer VPNs over the next several years. The working group will make specific efforts to solicit this information from SPs. The service requirements document is not intended to define the requirements that all approaches must satisfy. Rather, it is intended to become a "checklist" of requirements, not all of which will necessarily be required in all deployment scenarios. A goal of the requirements document is to provide a consistent way to evaluate and document how well each individual approach satisfies the individual requirements. The effort will produce a small number of approaches that are based on collections of individual technologies that already exist (see below for specifics). The goal is to foster interoperability among implementations of a specific approach. Standardization of specific approaches will be gauged on (I)SP support. Note that it is not a goal of this WG to develop new protocols or extend existing ones. Rather, the purpose is to document and identify gaps and shortcomings in individual approaches with regards to the requirements. In the case that specific work items are identified, such work will be done in an appropriate WG. Taking on specific protocol work items in this WG will require rechartering. The working group is expected to consider at least three specific approaches including BGP-VPNs (e.g. RFC 2547), virtual routers and port-based VPNs (i.e., where the SP provides a Layer 2 interface, such as Frame Relay or ATM, to the VPN customer, while using IP-based mechanisms in the provider infrastructure to improve scalability and configurability over traditional L2 networks). Multiple approaches are being developed as each approach has particular characteristics and differing scope of applicability. The working group will consider inter-AS (SP) VPN interconnects so that VPNs are able to span multiple ASs (SPs). Each technical approach document will include an evaluation of how well it meets the requirements defined in the requirements document. In addition, technical approach documents will address scalability and manageability issues as well as their operational aspects. Individual approach documents will also analyze the threat and security aspects of PPVPNs and include appropriate mandatory-to-implement technologies and management mechanisms to ensure adequate security and privacy of user data in a VPN environment. This analysis will include cryptographic security from customer site to customer site using IPSEC. An applicability statement will be developed for each approach that describes the environments in which the approaches are suitable for deployment, including analysis of scaling impact of the approach on SPs and threat analysis. Coordination with the IETF PWE3 and ITU-T efforts will be ensured. Goals and Milestones: Done Begin discussion of the framework and the service requirement documents. Identify a limited set of candidate approaches. Build appropriate design teams. Done Formulate a plan and begin approaching SPs for input on scaling and other requirements Done Begin discussion (based on submitted IDs) on candidate approaches against the different service requirements. Done Begin discussion of applicability statements. Mar 02 Submit the layer 3 framework and the layer 3 service requirement documents to the IESG for consideration as Informational RFCs. May 02 Submit the layer 2 requirement document to the IESG for consideration as Informational RFCs. May 02 Begin submission of the candidate L3 approaches and related applicability statements to IESG publication Aug 02 Submit the layer 2 framework document to the IESG for consideration as Informational RFCs. Aug 02 Begin submission of the candidate L2 approaches and related applicability statements to IESG for publication Dec 02 Charter update or WG disband Internet-Drafts: Posted Revised I-D Title ------ ------- -------------------------------------------- Feb 01 Feb 02 Service requirements for Provider Provisioned Virtual Private Networks Feb 01 Apr 02 A Framework for Layer 3 Provider Provisioned Virtual Private Networks Jul 01 Jul 02 An Architecture for Provider Provisioned CE-based Virtual Private Networks using IPsec Jul 01 Jul 02 BGP-MPLS VPN extension for IPv6 VPN over an IPv4 infrastructure Jul 01 Mar 02 MPLS/BGP Virtual Private Network Management Information Base Using SMIv2 Jul 01 Jul 02 BGP/MPLS VPNs Jul 01 Aug 02 Use of PE-PE IPsec in RFC2547 VPNs Jul 01 Feb 02 Use of PE-PE GRE or IP in RFC2547 VPNs Jul 01 Aug 02 Using BGP as an Auto-Discovery Mechanism for Network-based VPNs Jul 01 Jul 02 Network based IP VPN Architecture using Virtual Routers Sep 01 Jun 02 Virtual Router Management Information Base Using SMIv2 Feb 02 Mar 02 Definition of Textual Conventions for Provider Provisioned Virtual Private Network (PPVPN) Management Mar 02 Mar 02 Requirements for Virtual Private LAN Services (VPLS) Jun 02 Jun 02 Applicability Statement for VPNs Based on rfc2547bis Jun 02 Jun 02 Guidelines of Applicability Statements for PPVPNs Aug 02 Aug 02 PPVPN L2 Framework Aug 02 Aug 02 Applicability Statement for Virtual Router-based Layer 3 PPVPN approaches Aug 02 Aug 02 CE-to-CE Authentication for Layer 3 VPNs Oct 02 Oct 02 Scalable Connectionless Tunneling Architecture and Protocols for VPNs Request For Comments: None to date.