[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OSPF (IPv6) and IPsec
juha.ollila@nokia.com wrote:
>
> Hello!
>
> Is it possible to secure a multicast OSPF (IPv6) traffic? I think that
> multicast traffic can be tunneled between the security gateways (a one to
> one connection), but it isn't an end to end solution. IPsec specifications
> mention Group Key Management Protocol (GKMP). Is it usable? MSEC and SMuG
> are standardizing protocols for securing multicast traffic, but work is
> still in progress.
>
> /Juha
Howdy,
You are right that multicast traffic can be tunneled between security
gateways on a 1-to-1 basis. This ability is sufficient to model an OSPF
point to point link with an IPsec tunnel. But it is insufficient to
model an OSPF broadcast LAN of more than two neighbors.
--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." Benjamin Franklin
Ricky Charlet : SonicWall Inc. : usa (510) 497-2103
References: