[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: draft-ietf-ipsec-udp-encaps-04.txt
Also, note that TCP-in-TCP encapsulation has very poor performance
characteristics. Since the original packet is very likely to be TCP,
attempts to wrap the IPsec-encapsulated packet in TCP are likely to lead to
disaster.
Andrew
--------------------------------------
The odd thing about fairness is when
we strive so hard to be equitable
that we forget to be correct.
> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Ari Huttunen
> Sent: Monday, November 11, 2002 5:32 AM
> To: HOULLIER Francis FTRD/DMI/CAE
> Cc: ipsec@lists.tislabs.com
> Subject: Re: draft-ietf-ipsec-udp-encaps-04.txt
>
>
> HOULLIER Francis FTRD/DMI/CAE wrote:
> > Hi all,
> >
> > Is there any work around "TCP encapsulation of IPSec packets" ?
> > Thanks
>
> No. It doesn't buy you anything, just adds complexity.
>
> Ari
>
>
> --
> I play it cool and dig all jive,
> that's the reason I stay alive.
> My motto as I live and learn,
> is dig and be dug in return. <Langston Hughes>
>
> Ari Huttunen phone: +358 9 2520 0700
> Software Architect fax : +358 9 2520 5001
>
> F-Secure Corporation http://www.F-Secure.com
>
> F(ully)-Secure products: Securing the Mobile Enterprise
>