[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC requirements
> Please call it something else. Most of us don't mean this when we say
> "firewall". A firewall is an IP level concept. Even peeking into the
> IP Protocol field is still an IP level concept.
Firewalls are quite appropriately implemented to look at port numbers
in TCP/UDP headers, not IP headers.
So, please don't try to misspecify them.
It's still OK to have a transport layer IP-SEC field in IP header
for implementation efficiency.
Masataka Ohta
References: