[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Placement of IPCOMP header in IPSEC Tunnel mode

To: ipsec@lists.tislabs.com
Subject: Placement of IPCOMP header in IPSEC Tunnel mode
From: "Strahm, Bill" <bill.strahm@intel.com>
Date: Wed, 17 Nov 1999 13:32:25 -0800
Sender: owner-ipsec@lists.tislabs.com

I am confused about the placement of the IPComp header when used in Tunnel
mode.

>From RFC 2393 Section 2.1
   In IP version 4 [RFC-0791], the compression is applied to the upper
   layer protocol (ULP) payload of the IP datagram.  No portion of the
   IP header or the IP header options is compressed.

Now in Tunnel mode I am building an IP packet that looks like this

IP(outer)- IPSEC transform - IP(inner) - data

I am convinced that the correct placement of a tunnel mode compression
header is

IP(outer) - IPSEC transform - IPCOMP - IP(inner) - data

However from section 2.1 I can see a reading that says I am not to compress
the IP header or options, so a packet would be built like this

IP(outer) - IPSEC transform - IP(inner) - IPCOMP - data

If this later packet is correct I would have a hard time determining if I
should unapply compression at the gateway or the end host.

Can I get some clarification on this point please ?

Bill

______________________________________________
Bill Strahm        Programming today is a race between
bill.strahm@      software engineers striving to build
intel.com           bigger and better idiot-proof programs,
(503) 264-4632   and the Universe trying to produce
            bigger and better idiots.  So far, the
                        Universe is winning.--Rich Cook
I am not speaking for Intel.  And Intel rarely speaks for me

Prev by Date: Re: Phase 1 Re-keying Implementation Identification
Next by Date: Re: Phase 1 Re-keying Implementation Identification
Prev by thread: I-D ACTION:draft-ietf-ipsec-isakmp-gss-auth-05.txt
Next by thread: RE: Placement of IPCOMP header in IPSEC Tunnel mode
Index(es):
- Main
- Thread