[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Does an outbound packet need to be reroute?
> Since there is a new IP header, a new route shall be
> needed. The route can be checked evrytime or cached
> with the first packet.
>
> The selectors for the new packet shall decide whether
> further IPsec processing is required or not. It may be
> possible to still go for IPsec processing, if let us say
> we have the case of nested tunnels.
As far as I understand RFC 2401 says that only one SP should be applied
to the packet. Nested tunnels are implemented using nested SAs not SPs.
Am I wrong?
--
Alexey
References: