[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSEC tunnels and Mobile IP

To: Stephen Waters <Stephen.Waters@digital.com>
Subject: Re: IPSEC tunnels and Mobile IP
From: Raul Miller <rdm@test.legislate.com>
Date: Sat, 28 Feb 1998 09:58:13 -0500
Cc: ipsec@tis.com
In-Reply-To: <250F9C8DEB9ED011A14D08002BE4F64C011D5A91@wade.reo.dec.com>; from Stephen Waters on Sat, Feb 28, 1998 at 12:59:02PM -0000
Mail-Followup-To: Stephen Waters <Stephen.Waters@digital.com>,ipsec@tis.com
References: <250F9C8DEB9ED011A14D08002BE4F64C011D5A91@wade.reo.dec.com>
Sender: owner-ipsec@ex.tis.com

Stephen Waters <Stephen.Waters@digital.com> wrote:
> ... but what is the IPSEC response to encapsulating bridged traffic
> and insuring there is no reordering?

[opinion:]

Of course, tcp deals with this.

It might be nice to have a protocol designed to provide a udp-style
interface, which uses tcp-like state except that it is willing to
discard packets whose latency is too far above the mean. But this is
hardly essential.

Using a transport layer for network is presumably not as ultimately
efficient in terms of bandwidth as a purely internetwork solution, but
it seems very efficient in terms of design resources. I think that it's
currently outside the scope of this group to bring tcp's semantics into
the ip layer.

As I see it, this kind of configuration involves two logical interfaces
at the endpoint (one for the tunnel, one for the traffic) with logically
distinct key management.

-- 
Raul

Prev by Date: Re: IPSEC WORKING GROUP LAST CALL
Next by Date: Draft versions -- Arch, AH, ESP
Prev by thread: Re: IPSEC WORKING GROUP LAST CALL
Next by thread: Re: IPSEC tunnels and Mobile IP
Index(es):
- Main
- Thread