[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC tunnels and Mobile IP
- To: Stephen Waters <Stephen.Waters@digital.com>
- Subject: Re: IPSEC tunnels and Mobile IP
- From: Raul Miller <rdm@test.legislate.com>
- Date: Sat, 28 Feb 1998 09:58:13 -0500
- Cc: ipsec@tis.com
- In-Reply-To: <250F9C8DEB9ED011A14D08002BE4F64C011D5A91@wade.reo.dec.com>; from Stephen Waters on Sat, Feb 28, 1998 at 12:59:02PM -0000
- Mail-Followup-To: Stephen Waters <Stephen.Waters@digital.com>,ipsec@tis.com
- References: <250F9C8DEB9ED011A14D08002BE4F64C011D5A91@wade.reo.dec.com>
- Sender: owner-ipsec@ex.tis.com
Stephen Waters <Stephen.Waters@digital.com> wrote:
> ... but what is the IPSEC response to encapsulating bridged traffic
> and insuring there is no reordering?
[opinion:]
Of course, tcp deals with this.
It might be nice to have a protocol designed to provide a udp-style
interface, which uses tcp-like state except that it is willing to
discard packets whose latency is too far above the mean. But this is
hardly essential.
Using a transport layer for network is presumably not as ultimately
efficient in terms of bandwidth as a purely internetwork solution, but
it seems very efficient in terms of design resources. I think that it's
currently outside the scope of this group to bring tcp's semantics into
the ip layer.
As I see it, this kind of configuration involves two logical interfaces
at the endpoint (one for the tunnel, one for the traffic) with logically
distinct key management.
--
Raul