
Re: QoS selectors (was LAST CALL: IKE)


>>>>> "Radia" == Radia Perlman <- Boston Center for Networking <Radia.Perlman@sun.com>> writes:
    Radia> Hmm. Actually, I think there is no reason to negotiate which
    Radia> TOS values go on which SA. The reason for different SAs for
    Radia> different TOS values is so that the sequence numbers don't get
    Radia> too far off (assuming that different TOS's go at different speeds).

    Radia> So it seems like the sender, which knows it wants to send n
    Radia> different TOSs for which speeds will vary, can open n SAs, and
    Radia> choose which of the TOSs to send on which of them.

  Sounds good in theory.
  It is not clear to me that everyone agrees that they can negotiate multiple
SAs with IKEvX that do not apparently differ in terms of negotiated

  Further, the *responding* system doesn't know what the initiator wanted,
so even if the initiator knows how to demux, it needs a way to tell the

    Radia> A few of us had worked out language in the hallway at the last IETF,
    Radia> explicitly saying things like that only the creator of an SA could
    Radia> delete a redundant SA, but I think it was declared too late to make
    Radia> design decisions like that that might have other implications.

  That sounds okay, but still isn't perfect.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
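The sequence-number effect discussed in this thread, sketched as an added example that is not part of the original message: one SA shared by a fast and a slow TOS class is compared with one SA per class. It assumes the receiver's anti-replay window is what makes diverging sequence numbers a problem; the window size, the lag and the traffic mix are constructed values.

```python
# Added illustration; WINDOW, lag and the traffic pattern are constructed values.
WINDOW = 64  # receiver anti-replay window, in packets (assumed size)

class ReplayWindow:
    """Sliding-window anti-replay check for one SA, receiver side."""
    def __init__(self, size=WINDOW):
        self.size, self.top, self.bitmap = size, 0, 0

    def accept(self, seq):
        if seq > self.top:                    # newer than anything seen: slide
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:               # fell behind the window
            return False
        if (self.bitmap >> offset) & 1:       # already seen: replay
            return False
        self.bitmap |= 1 << offset
        return True

def arrivals(n, lag):
    """Packets alternate fast/slow TOS; each slow packet arrives `lag` send
    slots late. Yields (tos, shared_seq, per_tos_seq) in arrival order."""
    sent, counters = [], {"fast": 0, "slow": 0}
    for i in range(1, n + 1):
        tos = "fast" if i % 2 else "slow"
        counters[tos] += 1
        sent.append((i + (lag if tos == "slow" else 0), i, tos, counters[tos]))
    return [(tos, g, p) for _, g, tos, p in sorted(sent)]

def drops(n=1000, lag=200, per_tos_sa=False):
    """Count packets the receiver rejects, by TOS class."""
    windows, dropped = {}, {"fast": 0, "slow": 0}
    for tos, gseq, pseq in arrivals(n, lag):
        # Shared SA: one counter and one window. Per-TOS SAs: one of each per class.
        key, seq = (tos, pseq) if per_tos_sa else ("shared", gseq)
        if not windows.setdefault(key, ReplayWindow()).accept(seq):
            dropped[tos] += 1
    return dropped

if __name__ == "__main__":
    print("one shared SA :", drops(per_tos_sa=False))
    print("one SA per TOS:", drops(per_tos_sa=True))
```

With a shared SA the fast class keeps advancing the window, so the slow packets arrive already behind it and are rejected as if they were replays; with one SA per class each window only sees in-order traffic.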