[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Re[2]: PPP over IPSec (without L2TP)?





> From: Jim Tiller [mailto:tiller_j@ins.com]
> Sent: Thursday, October 14, 1999 12:54 PM
> To: Shriver, John
> Cc: 'Ari Huttunen'; ietf-ipsra@vpnc.org; ipsec@lists.tislabs.com
> Subject: Re[2]: PPP over IPSec (without L2TP)?
> 
> Excuse my ignorance, but doesn't IPSec and IP handle this in
> layer three and four? I'm personally torn on the use of L2TP
> over IPSec, I see certain implementations that can benefit,
> but the reasons MS gives do not impress me.
> Any comments are welcome.
> 

Well, for the DATA path, PPP itself has no concerns about packet reordering.
IP over PPP could care less.

But, some of the protocols over PPP care very much about reordering.  IEEE
802.1D bridging assumes essentially no possibility of reordering, so BCP
over PPP has to assume that what is under PPP will not reorder.

But, the big problem is the entire PPP negotiation state machine.  (The
CONTROL path.)  It is absolutely designed on the assumption that the data
link underneath will never reorder packets.  Suppose a NCP Config-Ack was
sent by an IPCP Config-Request.  If they were swapped in transit, the IPCP
packet would be received before NCP was up.

Also, the Van Jacobsen TCP header compression really benefits greatly from
being informed of packet loss at the receiver.  L2TP can provide some hint
of that.

------------- End Forwarded Message -------------




Follow-Ups: