Re: IPsec Architecture -- proposed changes

[Matt Thomas <matt.thomas@altavista-software.com>]

At 12:21 PM 10/7/97 -0400, C. Harald Koch wrote:
>In message <199710071547.LAA03894@istari.sandelman.ottawa.on.ca>, "Michael C. Richardson" writes:
>> 
>>   Okay, which end decrements then?
>>   The far end is the one "forwarding" so it should do it.
>>   The near end can be thought to be forwarding as well.
>
>Agreed, they're *both* forwarding the packet; one into the tunnel, and one
>out of the tunnel. RFC 2003 specifies good behaviour TTL handling with IP in
>IP tunneling.

No!  If the de-encapsulator is the destination of the tunnelled packet
then he is not forwarding it and therefore should not be decrementing the
TTL.  Only if he would forward the packet on must he decrement the TTL.

-- 
Matt Thomas                    Internet:   matt.thomas@altavista-software.com
Internet Locksmith             WWW URL:    <coming eventually>
AltaVista Internet Software    Disclaimer: This message reflects my own
Littleton, MA                              warped views, etc.

---

Follow-Ups:

• Re: IPsec Architecture -- proposed changes
• From: "C. Harald Koch" <chk@utcc.utoronto.ca>

References:

• Re: IPsec Architecture -- proposed changes
• From: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>
• Re: IPsec Architecture -- proposed changes
• From: "C. Harald Koch" <chk@utcc.utoronto.ca>

---

• Prev by Date: Re: IPsec Architecture -- proposed changes
• Next by Date: Re: IPsec Architecture -- proposed changes
• Prev by thread: Re: IPsec Architecture -- proposed changes
• Next by thread: Re: IPsec Architecture -- proposed changes
• Index(es):
  • Main
  • Thread