Network Management with IP Sec

["Grillo, John" <John.Grillo@compaq.com>]

Currently, I manage tools which keep track of application percentages across
the LAN and WAN based on TCP/UDP port number.  

The way I read the IP Sec RFC, the original packet will be encapsulated, a
checksum is calculated, and then all information in the original packet is
encrypted (or something along those line -- that's not the important part).
If this is the case, I loose visibility into the original packet and
therefore cannot determine the port it was using (the important part).  I
haven't read anything in the description of the headers that will translate
to "application".

I've asked a few network managment vendors how they will account for this
protocol but no one had a good answer.

I'm sure this was discussed, is there any information posted?

Thanks,

John D Grillo
Global Network Planning and Design
Compaq Computer Corporation
Voice: (281) 514-3842
Pager: 1-800-724-3329  PIN 382-1086

---

Follow-Ups:

• Re: Network Management with IP Sec
• From: Henry Spencer <henry@spsystems.net>
• Network Management with IP Sec
• From: leonard_samuelson@ascend.com (Len Samuelson)

---

• Prev by Date: Re: Comments on "Hybrid Auth. mode for IKE"
• Next by Date: Re: Comments on "Hybrid Auth. mode for IKE"
• Prev by thread: IPsec Arch draft
• Next by thread: Re: Network Management with IP Sec
• Index(es):
  • Main
  • Thread