[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKEv2:limitation of 4k for UDP payload

To: Ravi <ravivsn@roc.co.in>
Subject: Re: IKEv2:limitation of 4k for UDP payload
From: Vinay K Nallamothu <vinay-rc@naturesoft.net>
Date: 27 Mar 2003 11:36:37 +0530
Cc: ipsec@lists.tislabs.com
In-Reply-To: <3E81AE5D.7090301@roc.co.in>
References: <3E81AE5D.7090301@roc.co.in>
Sender: owner-ipsec@lists.tislabs.com

On Wed, 2003-03-26 at 19:12, Ravi wrote:
> and why UDP is chosen for IKE over TCP.
Just rewording one of the earlier discussion:

One of the design requirements is transport protocol independence
because of which IKE can not assume about the reliable streaming
capabilities of the transport layer such as TCP. This seems to be the
reason why UDP was chosen over TCP.

But this does not stop from implementing IKE over TCP. In fact few
implementations already do this. For e.g: Check Point FW-1 NG FP3

You can find the original discussion at
http://www.sandelman.ottawa.on.ca/ipsec/1999/05/msg00014.html

vinay

Follow-Ups:
- RE: IKEv2:limitation of 4k for UDP payload
  - From: "Yoav Nir" <ynir@CheckPoint.com>
- Re: IKEv2:limitation of 4k for UDP payload
  - From: Ravi <ravivsn@roc.co.in>

References:
- IKEv2:limitation of 4k for UDP payload
  - From: Ravi <ravivsn@roc.co.in>

Prev by Date: Re: AES-based PRF for IKEv2
Next by Date: RE: IKEv2:limitation of 4k for UDP payload
Prev by thread: IKEv2:limitation of 4k for UDP payload
Next by thread: RE: IKEv2:limitation of 4k for UDP payload
Index(es):
- Date
- Thread