[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: first comments on draft-ietf-ipsec-mib-02.txt (no ifIndex/ifE ntry)



> 	So the point John Shriver was making was related to MIBS and
> management. Are tunnels virtual interfaces or not? But the 
> comments I make
> in reply could lead down a very different discussion path... 
> that of how
> routing protocols treat tunnels.

In our IPv6-based implementation, we are NOT treating tunnel-mode SAs as
virtual interfaces.

We do support tunnels (encapsulating v6-in-v4 and, soon, v6-in-v6) that ARE
virtual interfaces. And because they are interfaces, they can have security
policies that call for the use of IPsec, the endpoints have addresses
assigned to them, they can participate in routing, etc.

Rich