[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI: selector exclusion lists/ranges
On Tue, 27 Nov 2001, Radia Perlman - Boston Center for Networking wrote:
> The IKEv2 spec does both of your wishes :-). See sections 2.9 and 7.13.
>
Oh.. Right. I missed the part that there can be multiple 'Traffic Selector
Substructure's. Very useful.
If I read and understood it correctly this time, does this make the
ID_RECURSE payload (Bad name.. did I already mention that?! ;) obsolete? At
least for ikev2...
jan
> Radia
>
>
> From: Ricky Charlet <rcharlet@redcreek.com>
>
> Michael Thomas wrote:
> > Thus I think we should have a requirement which
> > states:
> >
> > "The protocol MUST have the ability to express
> > port ranges for flow selectors, as well as have
> > the ability to selectively enumerate ports which
> > fall outside of the flow selector."
> >
> > Mike
>
>
>
> Ooh, ooh, ooh!! And lists (not restricted to ranges) of subnets
> bound
> to a single SA too please!
>
>
--
Jan Vilhuber vilhuber@cisco.com
Cisco Systems, San Jose (408) 527-0847
Follow-Ups:
References: