draft-ietf-l2vpn-radius-pe-discovery-01.txt   draft-ietf-l2vpn-radius-pe-discovery-02.txt 
Network Working Group J. Heinanen Network Working Group J. Heinanen
Internet-Draft TutPro Inc. Internet-Draft TutPro Inc.
Expires: August 23, 2005 G. Weber, Ed. Expires: April 26, 2006 G. Weber, Ed.
W. Townsley W. Townsley
S. Booth S. Booth
W. Luo W. Luo
Cisco Systems Cisco Systems
February 19, 2005 October 23, 2005
Using RADIUS for PE-Based VPN Discovery Using RADIUS for PE-Based VPN Discovery
draft-ietf-l2vpn-radius-pe-discovery-01.txt draft-ietf-l2vpn-radius-pe-discovery-02.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions By submitting this Internet-Draft, each author represents that any
of Section 3 of RFC 3667. By submitting this Internet-Draft, each applicable patent or other IPR claims of which he or she is aware
author represents that any applicable patent or other IPR claims of have been or will be disclosed, and any of which he or she becomes
which he or she is aware have been or will be disclosed, and any of aware will be disclosed, in accordance with Section 6 of BCP 79.
which he or she become aware will be disclosed, in accordance with
RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as Internet-
Internet-Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on August 23, 2005. This Internet-Draft will expire on April 26, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2005).
Abstract Abstract
This document describes a strategy by which Provider Equipment (PE) This document describes a strategy by which Provider Equipment (PE)
can be dynamically provisioned for inclusion in PE-based Layer 2 can be dynamically provisioned for inclusion in PE-based Layer 2
Virtual Private Networks (L2VPNs). This layered strategy utilizes Virtual Private Networks (L2VPNs). This layered strategy utilizes
the Remote Authentication Dial In User Service (RADIUS) protocol as a the Remote Authentication Dial In User Service (RADIUS) protocol as a
centralized control mechanism and can be used in conjunction with centralized control mechanism and can be used in conjunction with
other proposed mechanisms. The mechanisms described in this document other proposed mechanisms. The mechanisms described in this document
enhance those established by RFC 2868 and conform to those described enhance those established by RFC 2868 and conform to those described
by the L2VPN Framework. by the L2VPN Framework.
Table of Contents Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Information Model . . . . . . . . . . . . . . . . . . . . . 3 4. Information Model . . . . . . . . . . . . . . . . . . . . . . 3
5. New RADIUS Attributes . . . . . . . . . . . . . . . . . . . 6 5. New RADIUS Attributes . . . . . . . . . . . . . . . . . . . . 6
5.1 Router-Distinguisher . . . . . . . . . . . . . . . . . . . 6 5.1. Router-Distinguisher . . . . . . . . . . . . . . . . . . . 6
5.2 VPN-ID . . . . . . . . . . . . . . . . . . . . . . . . . . 7 5.2. VPN-ID . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5.3 Attachment-Individual-ID . . . . . . . . . . . . . . . . . 7 5.3. Attachment-Individual-ID . . . . . . . . . . . . . . . . . 7
5.4 Per-Hop-Behavior . . . . . . . . . . . . . . . . . . . . . 8 5.4. Per-Hop-Behavior . . . . . . . . . . . . . . . . . . . . . 8
5.5 PE-Router-ID . . . . . . . . . . . . . . . . . . . . . . . 9 5.5. PE-Router-ID . . . . . . . . . . . . . . . . . . . . . . . 9
5.6 PE-Address . . . . . . . . . . . . . . . . . . . . . . . . 9 5.6. PE-Address . . . . . . . . . . . . . . . . . . . . . . . . 9
5.7 PE-Record . . . . . . . . . . . . . . . . . . . . . . . . 10 5.7. PE-Record . . . . . . . . . . . . . . . . . . . . . . . . 10
6. New Values for Existing RADIUS Attributes . . . . . . . . . 11 6. New Values for Existing RADIUS Attributes . . . . . . . . . . 11
6.1 Service-Type . . . . . . . . . . . . . . . . . . . . . . . 11 6.1. Service-Type . . . . . . . . . . . . . . . . . . . . . . . 11
6.2 User-Name . . . . . . . . . . . . . . . . . . . . . . . . 12 6.2. User-Name . . . . . . . . . . . . . . . . . . . . . . . . 12
7. Table of Attributes . . . . . . . . . . . . . . . . . . . . 12 7. Table of Attributes . . . . . . . . . . . . . . . . . . . . . 12
8. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 13 8. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
9. Security Considerations . . . . . . . . . . . . . . . . . . 14 9. Security Considerations . . . . . . . . . . . . . . . . . . . 14
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . 14 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15
11.1 Normative References . . . . . . . . . . . . . . . . . . 14 11.1. Normative References . . . . . . . . . . . . . . . . . . . 15
11.2 Informative References . . . . . . . . . . . . . . . . . 15 11.2. Informative References . . . . . . . . . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 16 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 17
Intellectual Property and Copyright Statements . . . . . . . 17 Intellectual Property and Copyright Statements . . . . . . . . . . 18
1. Terminology 1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
This document uses terminology from [I-D.ietf-l2vpn-l2-framework] and This document uses terminology from [I-D.ietf-l2vpn-l2-framework] and
[I-D.ietf-l2vpn-signaling]. [I-D.ietf-l2vpn-signaling].
2. Acronyms 2. Acronyms
AII: Attachment Individual Identifier AII: Attachment Individual Identifier
AC: Attachment Circuit AC: Attachment Circuit
AGI: Attachment Group Identifier AGI: Attachment Group Identifier
AS: Automonous System AS: Autonomous System
CE: Customer Equipment CE: Customer Equipment
L2VPN: Layer 2 Provider Provisioned Virtual Private Network L2VPN: Layer 2 Provider Provisioned Virtual Private Network
NAI Network Access Identifier NAI: Network Access Identifier
NAS: Network Access Server NAS: Network Access Server
PE: Provider Equipment PE: Provider Equipment
SAI: Source Attachment Identifier SAI: Source Attachment Identifier
SAII: Source Attachment Individual Identifier SAII: Source Attachment Individual Identifier
RADIUS: Remote Authentication Dial In User Service RADIUS: Remote Authentication Dial In User Service
TAI: Target Attachment Identifier TAI: Target Attachment Identifier
TAII: Target Attachment Individual Identifier TAII: Target Attachment Individual Identifier
VPLS: Virtual Private LAN Service VPLS: Virtual Private LAN Service
VPN: Virtual Private Network VPN: Virtual Private Network
VPWS: Virtual Private Wire Service VPWS: Virtual Private Wire Service
3. Introduction 3. Introduction
This document describes how in PE-based VPNs a PE of a VPN can use This document describes how in PE-based VPNs a PE of a VPN can use
RADIUS [RFC2865] to authenticate its CEs and discover the other PEs RADIUS [RFC2865] to authenticate its CEs and discover the other PEs
of the VPN. In RADIUS terms, the CEs are users and the PEs are of the VPN. In RADIUS terms, the CEs are users and the PEs are
Network Access Servers (NAS) implementing RADIUS client Network Access Servers (NAS) implementing RADIUS client
functionality. functionality.
A VPN can span multiple Autonomous Systems (AS) and multiple A VPN can span multiple Autonomous Systems (AS) and multiple
providers. Each PE, however, only needs to be a RADIUS client to providers. Each PE, however, only needs to be a RADIUS client to a
RADIUS server of the "local" provider. In the case in which a CE RADIUS server of the "local" provider. In the case in which a CE
belongs to a "foreign" VPN, the RADIUS server of the local provider belongs to a "foreign" VPN, the RADIUS server of the local provider
acts as a proxy client to RADIUS of the foreign provider. acts as a proxy client to RADIUS of the foreign provider.
4. Information Model 4. Information Model
This document presents a model wherein authorization for This document presents a model wherein authorization for
participation in a PE-based VPN can be divided into three different participation in a PE-based VPN can be divided into three different
layers of access. layers of access.
o CE or AC Authorization o CE or AC Authorization
o VPN Authorization o VPN Authorization
o Pseudowire Authorization o Pseudowire Authorization
The first layer is AC authorization, in which a first sign of life on The first layer is AC authorization, in which a first sign of life on
a particular AC triggers an authorization resulting in provisioning a particular AC triggers an authorization resulting in provisioning
skipping to change at page 6, line 21 skipping to change at page 6, line 21
The following two sections define how the components of this data The following two sections define how the components of this data
model may be represented as RADIUS attributes so the components of model may be represented as RADIUS attributes so the components of
this information model may be communicated from a centralized this information model may be communicated from a centralized
location out into the network elements. location out into the network elements.
5. New RADIUS Attributes 5. New RADIUS Attributes
This document defines several new RADIUS Attributes which are This document defines several new RADIUS Attributes which are
described in detail in this section. described in detail in this section.
5.1 Router-Distinguisher 5.1. Router-Distinguisher
This attribute represents a Router Distinguisher as described in This attribute represents a Router Distinguisher as described in
[I-D.ietf-l3vpn-rfc2547bis]. It MAY be included in an Access-Request [I-D.ietf-l3vpn-rfc2547bis]. It MAY be included in an Access-Request
message. This attribute MUST NOT be included in Access-Request message. This attribute MUST NOT be included in Access-Request
messages that also include a "VPN-ID" attribute. messages that also include a "VPN-ID" attribute.
A summary of the Router-Distinguisher attribute format is shown A summary of the Router-Distinguisher attribute format is shown
below. The fields are transmitted from left to right. below. The fields are transmitted from left to right.
0 1 2 0 1 2
skipping to change at page 7, line 14 skipping to change at page 7, line 15
assigned by enterprise responsible for the ASN, e.g. "0:114:23". assigned by enterprise responsible for the ASN, e.g. "0:114:23".
Where the type is "1", the administrator contains an IP address, and Where the type is "1", the administrator contains an IP address, and
the assigned number is a 16-bit value assigned by the enterprise the assigned number is a 16-bit value assigned by the enterprise
controlling the IP address space, e.g. "1:1.2.3.4:10001". controlling the IP address space, e.g. "1:1.2.3.4:10001".
Where the type is "2", the administrator contains a 32-bit ASN, and Where the type is "2", the administrator contains a 32-bit ASN, and
the assigned number is a 16-bit value assigned by the enterprise the assigned number is a 16-bit value assigned by the enterprise
responsible for the ASN, e.g. "2:70000:216". responsible for the ASN, e.g. "2:70000:216".
5.2 VPN-ID 5.2. VPN-ID
This attribute represents a VPN-ID as described in [RFC2685]. It MAY This attribute represents a VPN-ID as described in [RFC2685]. It MAY
be included in an Access-Request message. This attribute MUST NOT be be included in an Access-Request message. This attribute MUST NOT be
included in Access-Request messages that also include a included in Access-Request messages that also include a Router-
Router-Distinguisher attribute. Distinguisher attribute.
A summary of the VPN-ID attribute format is shown below. The fields A summary of the VPN-ID attribute format is shown below. The fields
are transmitted from left to right. are transmitted from left to right.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
| Type | Length | Text ... | Type | Length | Text ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
skipping to change at page 7, line 44 skipping to change at page 7, line 45
Length Length
>= 5 >= 5
Text Text
The Text field is composed of two colon separated parts: a VPN The Text field is composed of two colon separated parts: a VPN
authority Organizationally Unique Identifier, and a VPN index, e.g. authority Organizationally Unique Identifier, and a VPN index, e.g.
"101:14". "101:14".
5.3 Attachment-Individual-ID 5.3. Attachment-Individual-ID
This attribute indicates a Attachment-Individual-ID as described in This attribute indicates a Attachment-Individual-ID as described in
[I-D.ietf-l2vpn-signaling]. [I-D.ietf-l2vpn-signaling].
A summary of the Attachment-Individual-ID attribute format is shown A summary of the Attachment-Individual-ID attribute format is shown
below. The fields are transmitted from left to right. below. The fields are transmitted from left to right.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
skipping to change at page 8, line 24 skipping to change at page 8, line 24
Length Length
>= 3 >= 3
Text Text
The Text field is an encoding of the Source Attachment Individual The Text field is an encoding of the Source Attachment Individual
Identifier, e.g. "2". Identifier, e.g. "2".
5.4 Per-Hop-Behavior 5.4. Per-Hop-Behavior
This attribute indicates a Per-Hop-Behavior as described in This attribute indicates a Per-Hop-Behavior as described in
[RFC3140]. [RFC3140].
A summary of the Per-Hop-Behavior attribute format is shown below. A summary of the Per-Hop-Behavior attribute format is shown below.
The fields are transmitted from left to right. The fields are transmitted from left to right.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 9, line 5 skipping to change at page 9, line 5
Length Length
6 6
Integer Integer
The lower 16-bits of the value contains the Per-Hop-Behavior value as The lower 16-bits of the value contains the Per-Hop-Behavior value as
described in [RFC3140]. described in [RFC3140].
5.5 PE-Router-ID 5.5. PE-Router-ID
This attribute typically indicates an IPv4 address for a particular This attribute typically indicates an IPv4 address for a particular
PE member of a VPN, though it may be some arbitrary value assigned by PE member of a VPN, though it may be some arbitrary value assigned by
the owner of the ID space. the owner of the ID space.
A summary of the PE-Router-ID attribute format is shown below. The A summary of the PE-Router-ID attribute format is shown below. The
fields are transmitted from left to right. fields are transmitted from left to right.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at page 9, line 35 skipping to change at page 9, line 35
Length Length
6 6
Address Address
Typically, the value indicates the IPv4 address of a particular PE Typically, the value indicates the IPv4 address of a particular PE
member of a VPN. member of a VPN.
5.6 PE-Address 5.6. PE-Address
This attribute indicates an IPv4 address for a particular PE member This attribute indicates an IPv4 address for a particular PE member
of a VPN. In relation to the PE for which a CE is joining the VPN, of a VPN. In relation to the PE for which a CE is joining the VPN,
this would be the initial's PE's next hop address. this would be the initial's PE's next hop address.
A summary of the PE-Address attribute format is shown below. The A summary of the PE-Address attribute format is shown below. The
fields are transmitted from left to right. fields are transmitted from left to right.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at page 10, line 26 skipping to change at page 10, line 26
Length Length
6 6
Address Address
The value indicates the IPv4 address of a particular PE member of a The value indicates the IPv4 address of a particular PE member of a
VPN. VPN.
5.7 PE-Record 5.7. PE-Record
This attribute represents a single element within a particular PE's This attribute represents a single element within a particular PE's
description. A group of PE-Records combine to form a complete PE description. A group of PE-Records combine to form a complete PE
description when returned during VPN authorization. description when returned during VPN authorization.
A summary of the PE-Record attribute format is shown below. The A summary of the PE-Record attribute format is shown below. The
fields are transmitted from left to right. fields are transmitted from left to right.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at page 11, line 11 skipping to change at page 11, line 11
The Text field contains an AII prefixed by a PE-Router-ID and The Text field contains an AII prefixed by a PE-Router-ID and
separated by a colon, e.g. "1.1.1.1:14" where the PE-Router-ID is separated by a colon, e.g. "1.1.1.1:14" where the PE-Router-ID is
1.1.1.1 and the AII is 14. This represents a particular pseudowire. 1.1.1.1 and the AII is 14. This represents a particular pseudowire.
The value is optionally suffixed by a colon separated list of The value is optionally suffixed by a colon separated list of
attribute value pairs containing pseudowire-specific configuration, attribute value pairs containing pseudowire-specific configuration,
e.g. "1.1.1.1:14:PHB=256". e.g. "1.1.1.1:14:PHB=256".
6. New Values for Existing RADIUS Attributes 6. New Values for Existing RADIUS Attributes
6.1 Service-Type 6.1. Service-Type
This document defines one new value for an existing RADIUS attribute. This document defines one new value for an existing RADIUS attribute.
The Service-Type attribute is defined in Section 5.6 of RFC 2865 The Service-Type attribute is defined in Section 5.6 of RFC 2865
[RFC2865], as follows: [RFC2865], as follows:
This Attribute indicates the type of service the user has requested, This Attribute indicates the type of service the user has requested,
or the type of service to be provided. It MAY be used in both or the type of service to be provided. It MAY be used in both
Access-Request and Access-Accept packets. Access-Request and Access-Accept packets.
A NAS is not required to implement all of these service types, and A NAS is not required to implement all of these service types, and
skipping to change at page 12, line 34 skipping to change at page 12, line 34
This document defines one new value for the Service-Type This document defines one new value for the Service-Type
attribute. attribute.
(TBA) L2VPN (TBA) L2VPN
The semantics of the L2VPN service are as follows: The semantics of the L2VPN service are as follows:
L2VPN A CE is requesting to join a VPN. L2VPN A CE is requesting to join a VPN.
6.2 User-Name 6.2. User-Name
This attribute defined by [RFC2865] takes a value depending on which This attribute defined by [RFC2865] takes a value depending on which
layer of VPN authorization is occurring. layer of VPN authorization is occurring.
o For CE/AC authorization, the User-Name value contains either a o For CE/AC authorization, the User-Name value contains either a
Network Access Identifier (NAI) associated with the CE [RFC2486], Network Access Identifier (NAI) associated with the CE [RFC2486],
or an implementation dependent AC name. or an implementation dependent AC name.
o For VPN authorization, the User-Name value contains the VPN-ID or o For VPN authorization, the User-Name value contains the VPN-ID or
a Router-Distinguisher. a Router-Distinguisher.
o For pseudowire authorization, the User-Name value contains a o For pseudowire authorization, the User-Name value contains a PE-
PE-Router-ID. Router-ID.
7. Table of Attributes 7. Table of Attributes
The following tables provide a guide to which attributes may be found The following tables provide a guide to which attributes may be found
in which kinds of packets, and in what quantity. in which kinds of packets, and in what quantity.
CE/AC Authorization CE/AC Authorization
Request Accept Reject Challenge # Attribute Request Accept Reject Challenge # Attribute
--------------------------------------------------------------------- ---------------------------------------------------------------------
0 0-1 0 0 TBA Router-Distinguisher 0 0-1 0 0 TBA Router-Distinguisher
skipping to change at page 14, line 47 skipping to change at page 15, line 11
9. Security Considerations 9. Security Considerations
[TBD] [TBD]
10. IANA Considerations 10. IANA Considerations
[TBD] [TBD]
11. References 11. References
11.1 Normative References 11.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2865] Rigney, C., Willens, S., Rubens, A. and W. Simpson, [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)", "Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000. RFC 2865, June 2000.
[RFC2868] Zorn, G., Leifer, D., Rubens, A., Shriver, J., Holdrege, [RFC2868] Zorn, G., Leifer, D., Rubens, A., Shriver, J., Holdrege,
M. and I. Goyret, "RADIUS Attributes for Tunnel Protocol M., and I. Goyret, "RADIUS Attributes for Tunnel Protocol
Support", RFC 2868, June 2000. Support", RFC 2868, June 2000.
[RFC2685] Fox, B. and B. Gleeson, "Virtual Private Networks [RFC2685] Fox, B. and B. Gleeson, "Virtual Private Networks
Identifier", RFC 2685, September 1999. Identifier", RFC 2685, September 1999.
11.2 Informative References 11.2. Informative References
[I-D.ietf-l2vpn-signaling] [I-D.ietf-l2vpn-signaling]
Rosen, E. and V. Radoaca, "Provisioning Models and Rosen, E., "Provisioning, Autodiscovery, and Signaling in
Endpoint Identifiers in L2VPN Signaling", L2VPNs", draft-ietf-l2vpn-signaling-06 (work in progress),
Internet-Draft draft-ietf-l2vpn-signaling-02, September September 2005.
2004.
[I-D.ietf-pwe3-control-protocol] [I-D.ietf-pwe3-control-protocol]
Martini, L., "Pseudowire Setup and Maintenance using LDP", Martini, L., "Pseudowire Setup and Maintenance using the
Internet-Draft draft-ietf-pwe3-control-protocol-14, Label Distribution Protocol",
November 2004. draft-ietf-pwe3-control-protocol-17 (work in progress),
June 2005.
[I-D.ietf-l3vpn-rfc2547bis] [I-D.ietf-l3vpn-rfc2547bis]
Rosen, E., "BGP/MPLS IP VPNs", Rosen, E., "BGP/MPLS IP VPNs",
Internet-Draft draft-ietf-l3vpn-rfc2547bis-03, October draft-ietf-l3vpn-rfc2547bis-03 (work in progress),
2004. October 2004.
[RFC2279] Yergeau, F., "UTF-8, a transformation format of ISO [RFC2279] Yergeau, F., "UTF-8, a transformation format of ISO
10646", RFC 2279, January 1998. 10646", RFC 2279, January 1998.
[I-D.ietf-l2vpn-l2-framework] [I-D.ietf-l2vpn-l2-framework]
Andersson, L. and E. Rosen, "Framework for Layer 2 Virtual Andersson, L. and E. Rosen, "Framework for Layer 2 Virtual
Private Networks (L2VPNs)", Private Networks (L2VPNs)",
Internet-Draft draft-ietf-l2vpn-l2-framework-05, June draft-ietf-l2vpn-l2-framework-05 (work in progress),
2004. June 2004.
[RFC2486] Aboba, B. and M. Beadles, "The Network Access Identifier", [RFC2486] Aboba, B. and M. Beadles, "The Network Access Identifier",
RFC 2486, January 1999. RFC 2486, January 1999.
[RFC3140] Black, D., Brim, S., Carpenter, B. and F. Le Faucheur, [RFC3140] Black, D., Brim, S., Carpenter, B., and F. Le Faucheur,
"Per Hop Behavior Identification Codes", RFC 3140, June "Per Hop Behavior Identification Codes", RFC 3140,
2001. June 2001.
Authors' Addresses Authors' Addresses
Juha Heinanen Juha Heinanen
TutPro Inc. TutPro Inc.
Utsjoki Utsjoki
Finland Finland
Email: jh@tutpro.com Email: jh@tutpro.com
 End of changes. 31 change blocks. 
71 lines changed or deleted 68 lines changed or added

This html diff was produced by rfcdiff 1.27, available from http://www.levkowetz.com/ietf/tools/rfcdiff/