[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Transport / Tunnel Mode
Hi
As per RFC 2402 under 1 i.e. definition
and scope
" The requirement for any (transit
traffic) SA involving a
security gateway to be a tunnel SA arises due to the
need to avoid
potential problems with regard to fragmentation and reassembly
of
IPsec packets, and in circumstances where multiple paths (e.g., via
different security gateways) exist to the same destination behind the
security gateways. "
Can any one please explain , How we can avoid
fragmentation / ressembly in
tunnel mode and why it is not possible in
transport mode .
WHY IN SECURITY GATEWAY IT IS REQUIRED TO USE
TUNNEL
MODE ONLY ??
Cheers
Akshay
Follow-Ups: