[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: QoS selectors (was LAST CALL: IKE)

>So it seems like the sender, which knows it wants to send n different
>TOSs for which speeds will vary, can open n SAs, and choose which
>of the TOSs to send on which of them.

I don't see why we would want to do it that way. The problem isn't so much 
on the initiator side. We negotiate SAs in pairs, so if the initiator sets 
up 5 SAs, the responder now has to monitor the traffic on the inbound SAs in 
order to figure out what QoS applies to the outbound SA. This, of course, 
assumes that we want to match the selectors on the inbound and outbound SAs, 
which I would prefer. Sure we could do this heuristically, but why would we 
want to?

Lead something-or-other at Fortinet Technologies
"Always post from the address that already
receives the most spam." -- Sun Tzu

The new MSN 8: advanced junk mail protection and 2 months FREE*