[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

To: ipsec@lists.tislabs.com
From: "Jiang He" <hejiang@hotmail.com>
Date: Mon, 13 May 2002 15:44:50 +0800
Sender: owner-ipsec@lists.tislabs.com

In RFC2401, for inbound processing, the following packet fields are used to 
look up the SA in the SAD: Outer Header's Destination IP address, IPsec 
Protocol and SPI. Why not simply use SPI as index? The SPI is enough to look 
up SAD.
Using SPI as index, concerning nothing about "Outer Header's Destination IP 
address", it might be convenient for SPI to be chosen so as to be a table 
index for fast lookups of SAs, and also give a favor IPSec-NAT solution.

He Jiang

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.

Follow-Ups:
- Re:
  - From: "Xu, Jia" <xujia@is.ac.cn>

Prev by Date: Re: JFK nit
Next by Date: which number is assigned to ID_IPV4_ADDR?
Prev by thread: Re: Ikev2 IKE-SA rekey collision--summary
Next by thread: Re:
Index(es):
- Date
- Thread