[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Multicast and anycast addresses and policy selectors

To: ipsec@lists.tislabs.com
Subject: Multicast and anycast addresses and policy selectors
From: juha.ollila@nokia.com
Date: Wed, 9 Jan 2002 14:52:49 +0200
Sender: owner-ipsec@lists.tislabs.com

	Hello!

Is it required to support use of anycast and multicast addresses as
source
IP address policy selectors in IPsec implementations?

RFC2401 specifies that the source IP address selector must support
anycast
and multicast addresses:

      - Source IP Address(es) (IPv4 or IPv6): this may be a single IP
        address (unicast, anycast, broadcast (IPv4 only), or multicast
        group), range of addresses (high and low values inclusive),
        address + mask, or a wildcard address.  The last three are used
        to support more than one source system sharing the same SA
        (e.g., behind a security gateway or in a multihomed host).
        [REQUIRED for all implementations]

RFC2373 specifies that source IP address must not be anycast or
multicast
address:
      o An anycast address must not be used as the source address of an
        IPv6 packet.
   Multicast addresses must not be used as source addresses in IPv6
   packets or appear in any routing header.

/Juha Ollila

Prev by Date: Re: [ A problem ]
Next by Date: Test vectors for ESP/AES - draft-ietf-ipsec-ciph-aes-cbc-03.txt
Prev by thread: Re: draft-ietf-ipsec-ikev2-00.txt
Next by thread: Test vectors for ESP/AES - draft-ietf-ipsec-ciph-aes-cbc-03.txt
Index(es):
- Date
- Thread