[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposal for IP Peer protocol

To: smb@research.att.com
Subject: Re: Proposal for IP Peer protocol
From: John Shriver <jas@shiva.com>
Date: Wed, 9 Jun 1999 13:16:39 -0400
CC: Stephen.Waters@cabletron.com, pkoning@xedia.com, ipsec@lists.tislabs.com, ippcp@external.cisco.com
In-reply-to: <19990609164101.CB3D441F16@SIGABA.research.att.com>(smb@research.att.com)
Sender: owner-ipsec@lists.tislabs.com

   To: John Shriver <jas@shiva.com>
   Subject: Re: Proposal for IP Peer protocol 
   Date: Wed, 09 Jun 1999 12:40:56 -0400
   From: "Steven M. Bellovin" <smb@research.att.com>

   In message <199906091612.MAA17182@brill.shiva.com>, John Shriver writes:

   > The Van Jacobsen header compression relies on two things that PPP
   > provides and IPsec "tunnels" don't provide:
   > 
   > 2. The receiver gets information about lost (bad CRC) frames.  (This
   > is more of a hint, but still important.)

   The ESP or AH checksums are much stronger than CRCs, and can be used to
   discard damaged packets.

Yes, the Digests are much stronger than CRC's.  But, on PPP, a CRC
error is an almost reliable indication of packet loss.  In ESP or AH,
packets can be lost without ever seeing a CRC (Digest) error.
Moreover, due to multiplexing, even with the detection of a Digest
error on an AH or ESP packet cannot reliably pass that information to
the correct "connection".

But, as noted by someone else, "see RFC 2507" is the right response to
the original query.

References:

Re: Proposal for IP Peer protocol

From: "Steven M. Bellovin" <smb@research.att.com>

Prev by Date: Re: Proposal for IP Peer protocol
Next by Date: Re: What's the attribute value for group generator (MODP) ?
Prev by thread: Re: Proposal for IP Peer protocol
Next by thread: SkipJack numbers?
Index(es):
- Main
- Thread