[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSEC tunnels for LAN-to-LAN interop issue

To: "Waters, Stephen" <Stephen.Waters@cabletron.com>
Subject: Re: IPSEC tunnels for LAN-to-LAN interop issue
From: Eric Bomarsi <ebomarsi@xedia.com>
Date: Fri, 27 Aug 1999 15:59:14 -0400
Cc: John Shriver <jas@shiva.com>, ipsec@lists.tislabs.com
Organization: xedia.com
References: <29752A74B6C5D211A4920090273CA3DCCDE252@new-exc1.ctron.com>
Sender: owner-ipsec@lists.tislabs.com

"Waters, Stephen" wrote:

> The model you suggest below of a routing interface being represented by a
> 'collection of IPSEC SA going to the same peer' has some problems as a
> model, I think:

...

>
>
> Basically, this is difficult to model, difficult to manage, and difficult to
> explain to customers.
>

Stephen, I don't think that's true.  The Xedia router aggregates tunnels
to a remote gateway on a virtual datalink interface beneath an IP
interface.  The fact that it's a virtual interface is transparent to IP and
RIP and OSPF run just fine over it. It's analogous to an ATM or Frame
interface but instead of circuits, it has tunnels.

            Eric

References:

RE: IPSEC tunnels for LAN-to-LAN interop issue

From: "Waters, Stephen" <Stephen.Waters@cabletron.com>

Prev by Date: Re: IPSEC tunnels for LAN-to-LAN interop issue
Next by Date: RE: IPSEC tunnels for LAN-to-LAN interop issue
Prev by thread: Re: IPSEC tunnels for LAN-to-LAN interop issue
Next by thread: RE: IPSEC tunnels for LAN-to-LAN interop issue
Index(es):
- Main
- Thread