[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Path MTU Discovery

To: "'ipsec@tis.com'" <ipsec@tis.com>
Subject: RE: Path MTU Discovery
From: Sanjay Anand <sanjayan@microsoft.com>
Date: Fri, 21 Feb 1997 17:18:32 -0800
Sender: owner-ipsec@ex.tis.com

>
>> Another point is that fragmentation checking should be done before any
>> IPsec handling takes place (easier and faster).
>
>WRONG FOR OUTBOUND PACKETS!!!  This is in clear violation of RFC 1825.  Lemme
>quote:
>
>>> 3.1 AUTHENTICATION HEADER
> 
><SNIP!>
>
>>>   Fragmentation occurs after the Authentication Header processing for
>>>   outbound packets and prior to Authentication Header processing for
>>>   inbound packets.  The receiver verifies the correctness of the
>
>There actually isn't text in the ESP section, but I'll bet small sums that
>either Ran A. or Steve K. will back me up on this one.
>
>If you meant inbound packets, my bad.
>
>on the inbound side, what does this mean: "fragmentation occurs prior to AH
>processing" 
>does this mean reassembly occurs prior to AH processing ?

Follow-Ups:

RE: Path MTU Discovery

From: Stephen Kent <kent@bbn.com>

Prev by Date: ISAKMP - New Version
Next by Date: Re: TO COMPRESS OR NOT TO CMPRS (please reply)
Prev by thread: Re[2]: Path MTU Discovery
Next by thread: RE: Path MTU Discovery
Index(es):
- Main
- Thread