[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
IKEv2:limitation of 4k for UDP payload
Hi,
I understand this was discussed several times and I could not find clear
answer. Please bear with me and I hope some body clarifies it for me.
I have some practical problem where the one of TCP/IP stacks which I am working
with has limitation of 4K for UDP payload. I understand, when certificate
authentication is involved, IKE not only sends the certificate but also multiple
CA certificates (if cross chaining is present). This might overshoot the 4K limit.
We are trying to work with TCP/IP stack vendor to increase this. But I had this doubt
and why UDP is chosen for IKE over TCP. If TCP is chosen, there is no limitation
on the payload. It seems DNS RFC does this. It listens on both UDP and TCP port 53.
Why can't IKEv2 also standardize both UDP and TCP port 4500?
Thanks in advance
--
The views presented in this mail are completely mine. The company is not responsible for whatsoever.
----------
Ravi Kumar CH
Rendezvous On Chip (i) Pvt Ltd
Hyderabad, India
Ph: +91-40-2335 1214 / 1175 / 1184
ROC home page