[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: some issues about IPSec
Bronislav Kavsan wrote:
>
<snip>
> You can do end-user to end-usr in tunnel mode - therefore I don't buy this
> argument.
>
<snip again...>
> I don't buy this argument either - there is no need for double-encapsulation -
> just establish end-to-end tunnel.
By definition, tunnel mode requires encapsulation. If you are doing
end-user to end-user in tunnel mode, this is inefficient because you are
wrapping an extra ip header around the packet which supplies no new
information.
References: