[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 Neighbour Solicitation messages and IPsec

> which in turn would prevent all communications. Also, as per RFC
> 2401 we do not in general have the possibility to specify policies
> for individual ICMP message types.

This passed the IESG in RFC 2894 (so it must be true):

   Note that for the SPD to distinguish Router Renumbering from other
   ICMP packets requires the use of the ICMP Type field as a selector.
   This is consistent with, although not mentioned by, the Security
   Architecture specification [IPSEC].

It's no contradiction with what you said, though.

Follow-Ups: References: