[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is TS agreement necessary?

To: "Chinna N.R. Pellacuru" <pcn@cisco.com>
Subject: Re: Is TS agreement necessary?
From: Kalyan Bade <kalyan@juniper.net>
Date: Fri, 05 Apr 2002 12:37:59 -0800
CC: Stephen Kent <kent@bbn.com>, ipsec mailling list <ipsec@lists.tislabs.com>
Organization: Juniper Networks
References: <Pine.GSO.4.44.0204051222370.3957-100000@cypher.cisco.com>
Reply-To: kalyan@juniper.net
Sender: owner-ipsec@lists.tislabs.com

> Infact the majority of what we call "site-to-site" deployments use GRE as
> a point-to-point virtual link, and use IPsec to protect the GRE tunnel.
> But, not everybody implements GRE, and this becomes an interoperability
> issue.
> 
> I agree, it would be very useful to specify an interoperable way of having
> an IPsec tunnel be treated as a virtual point-to-point link, and not have
> to rely on GRE always. GRE has some more benefits like we can encapsulate
> all kinds of protocols in GRE, and not just IP.

I agree that it can done with GRE + IPsec transport mode. But, why in
the first place we have to do GRE when we can tunnel it directly through
IPsec (talking about IP traffic only). Is the RFC against it ? Am I
missing anything here ?

Thanks,
Kalyan.

Follow-Ups:
- Re: Is TS agreement necessary?
  - From: "Chinna N.R. Pellacuru" <pcn@cisco.com>

References:
- Re: Is TS agreement necessary?
  - From: "Chinna N.R. Pellacuru" <pcn@cisco.com>

Prev by Date: Re: Is TS agreement necessary?
Next by Date: Re: Is TS agreement necessary?
Prev by thread: Re: Is TS agreement necessary?
Next by thread: Re: Is TS agreement necessary?
Index(es):
- Date
- Thread