[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OSPF (IPv6) and IPsec



juha.ollila@nokia.com wrote:
> 
>         Hello!
> 
> Is it possible to secure a multicast OSPF (IPv6) traffic? I think that
> multicast traffic can be tunneled between the security gateways (a one to
> one connection), but it isn't an end to end solution. IPsec specifications
> mention Group Key Management Protocol (GKMP). Is it usable? MSEC and SMuG
> are standardizing protocols for securing multicast traffic, but work is
> still in progress.
> 
> /Juha


Howdy,

	You are right that multicast traffic can be tunneled between security
gateways on a 1-to-1 basis. This ability is sufficient to model an OSPF
point to point link with an IPsec tunnel. But it is insufficient to
model an OSPF broadcast LAN of more than two neighbors. 


-- 
"They that can give up essential liberty to obtain a little temporary 
safety deserve neither liberty nor safety." Benjamin Franklin

  Ricky Charlet   : SonicWall Inc.   : usa (510) 497-2103


References: