1 / 8

SNMP for the PAA-EP protocol PANA wg - IETF 61 Washington DC

SNMP for the PAA-EP protocol PANA wg - IETF 61 Washington DC. draft-ietf-pana-snmp-02.txt. Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT). SNMP on the PAA-EP interface History. PANA charter: The PANA working group mandates SNMP for PAA-EP Chronology:

maglio
Download Presentation

SNMP for the PAA-EP protocol PANA wg - IETF 61 Washington DC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SNMP for the PAA-EP protocolPANA wg - IETF 61 Washington DC draft-ietf-pana-snmp-02.txt Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT)

  2. SNMP on the PAA-EP interfaceHistory • PANA charter: • The PANA working group mandates SNMP for PAA-EP • Chronology: • IETF55: PAA-EP interface requirements • IETF56/57/58: PAA-EP protocol evaluation • IETF59: SNMP draft accepted as a PANA work item • IETF60/61: SNMP draft updated • Currently draft-ietf-pana-snmp-02.txt

  3. Additional PANA MIB objectsfor L2 access control & Specific Notifs • PANA-specific objects extends the IPSP SPD-MIB with: • Generic L2 Filters • In the –02 version • New PaC presence Notification • In the –02 version • L2 protection (keying material) • TBD

  4. Major changes since -01 • MIB design • MIB module re-designed to support generic Link-layer filtering • panaL2FilterTable • PaC presence Notification re-designed • panaNewPacIpNotification • panaNewPacL2Notification • Conformance section done • Security section -> done • Edits -> mostly a careful use of SNMPv3 terminology • Mailing list feedback/comments on -01 -> fixed

  5. Next steps and open issues for -03 • Link-layer protection • Some additonal objects design might be needed • Might re-use existing • 802.11i • what else ? • Section on MIB usage examples in the PANA context • Needs a review by IPSP wg • MIB doctor to act as a technical advisor for the PANA WG • One more iteration before WGLC

  6. THANKS

  7. AAA auth PANA auth SNMP Install filter # PaC traffic Functional basic principle PAA AAA backend One single IP subnet PaC AR EP

  8. Re-use of existing IPSec configuration MIBsfor IP level access control • IPSec configuration MIB splitted into 3 separate modules • IPSec SPD configuration MIB module (IPSP wg) • Rule/Filter/Action Policy structure • Various IP filters, including IP header filter • Notification Variables re-usable for the PaC presence notif • IPSec IKE configuration MIB module (IPSP wg) • For IP-based access control (draft-ietf-pana-ipsec) • Pre-shared key configuration (PSK) • Derived at the PAA level • ID_KEY_ID configuration (aggressive mode) • PANA_Session_id|PANA_Key_Id

More Related