[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC 2401 section 5.2.1



On Fri, 24 Nov 2000, Francis Dupont wrote:
>    It would be sensible to retain both if transport mode was the fundamental
>    IPsec mode and tunnel mode was *just* IPIP tunneling over a transport-mode
>    connection.
> 
> => it is...

No.  Not by RFC 2401, it's not.  Please distinguish carefully between the
way you think the protocols should work, and the way they are currently
specified to work.  Don't be misled by RFC 2401 saying that tunnel mode is
"essentially" a tunnel within transport mode; that is a useful explanation
but it is not literally true, not when you examine the details. 

                                                          Henry Spencer
                                                       henry@spsystems.net



Follow-Ups: References: