
Re: Path MTU Discovery




Ben,

  It is worth noting that none of the IPsec RFCs cite any of the IP-in-IP
RFCs.  This is not an accident.  With IPsec, one is not performing IP-in-IP.
Rather, one is performing IP-in-AH or IP-in-ESP.  The IP-in-IP RFCs don't
include IPsec within their scope.

  It was quite intentional that this was done.  It is equally intentional
that the IPsec RFCs haven't been citing the IP-in-IP RFCs.

  In effect, ESP tunnel mode uses the outer IP as a link-layer.  Copying
the DF bit is not prohibited for IPsec tunneling, but neither is it required
for IPsec tunneling.

Ran
rja@inet.org
who wrote the relevant IPsec RFCs...


