[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Does an outbound packet need to be reroute?

To: ipsec@lists.tislabs.com
Subject: Re: Does an outbound packet need to be reroute?
From: alexey.vyskubov@nokia.com (Alexey Vyskubov)
Date: Tue, 2 Oct 2001 13:19:58 +0300
In-Reply-To: <DC504E9C3384054C8506D3E6BB01246005AFD3@bsebe001.NOE.Nokia.com>
Mail-Followup-To: ipsec@lists.tislabs.com
References: <DC504E9C3384054C8506D3E6BB01246005AFD3@bsebe001.NOE.Nokia.com>
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Mutt/1.3.22i

> Since there is a new IP header, a new route shall be
> needed. The route can be checked evrytime or cached
> with the first packet.
> 
> The selectors for the new packet shall decide whether
> further IPsec processing is required or not. It may be 
> possible to still go for IPsec processing, if let us say
> we have the case of nested tunnels.

As far as I understand RFC 2401 says that only one SP should be applied
to the packet. Nested tunnels are implemented using nested SAs not SPs.

Am I wrong?

-- 
Alexey

References:

RE: Does an outbound packet need to be reroute?

From: "Sharma Atul (NVO/Boston)" <Atul.Sharma@nokia.com>

Prev by Date: RE: AES with SHA-2
Next by Date: Re: Does an outbound packet need to be reroute?
Prev by thread: RE: Does an outbound packet need to be reroute?
Next by thread: Re: Does an outbound packet need to be reroute?
Index(es):
- Main
- Thread