-----Original Message-----
From: ravi [mailto:ravivsn@roc.co.in]
Sent: Wednesday, March 19, 2003 7:05 AM
To: Yoav Nir
Cc: ipsec@lists.tislabs.com
Subject: Re: IKEv2: prepending four octets
Hi,
You prepend four zeros to IKE messages, because no
IPsec-encapsulated-in-UDP message begins with four zeros. An encapsulated
IPSec packet begins with the SPI which is always non-zero. Adding four
zeros to the beginning of an IKE message makes it possible to distinguish
IKE messages from encapsulated IPSec packets.
IKEv2 is being defined fresh. Why can't we use port 500 for the purpose of
NAT Traversal. If we make this packet also containing first four bytes
after
UDP header as 0s in case of IKE packet, then there is no need for port
4500
--Ravi
Hope this helps
Yoav
-----Original Message-----
From: owner-ipsec@lists.tislabs.com
[mailto:owner-ipsec@lists.tislabs.com]On Behalf Of ravi
Sent: Tuesday, March 18, 2003 10:11 AM
To: ipsec@lists.tislabs.com
Subject: IKEv2: prepending four octets
Dear All,
I am going through the ikev2-0.5 draft.It says
In the IKE header when sent on UDP port 4500 ,IKE messages have
prepended four octets of Zero.
My doubt is what made to prepend four octets of Zeroes before the IKE
message.
Thanks in advance,
Ravi Kumar CH.