[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Modefg considered harmful
> Me too, but there was this issue of the large installed base of
> MODECFG-like things in existing implementations. Since I'm not
> an implementor, I'm in the situation where I have to believe that
> moving away from a MODECFG-like thing is a hardship.
Except that you probably *already* have a DHCP implementation already!
I believe the correct comparison is the complexity of MODECFG vs the
"DHCP to IPsec glue" code; the latter is likely to be significantly
smaller than the former.
> *If* it's acceptablet to discount such claimed hardship, then I have to
> agree with Bernards assertion that the IPSRA-style DHCP approach is
> cleaner, more flexible, and in the long-term, less work.
indeed.
- Bill