[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: issue with "per-interface SAD/SPD"

To: "Srinivasa Rao Addepalli" <srao@intotoinc.com>
Subject: Re: issue with "per-interface SAD/SPD"
From: Stephen Kent <kent@bbn.com>
Date: Fri, 27 Jun 2003 15:09:19 -0400
Cc: <ipsec@lists.tislabs.com>
In-Reply-To: <0a7301c33c3e$e9d4c460$0202a8c0@SindhuSriha>
References: <200306091606.h59G62of004050@givry.rennes.enst-bretagne.fr><p0521060cbb1f9451143a@[128.89.89.5]><0a7301c33c3e$e9d4c460$0202a8c0@SindhuSriha>
Sender: owner-ipsec@lists.tislabs.com

What we are envisioning for 2401bis is a virtual interface ID, which 
would allow a local administrator considerable flexibility in 
deciding the granularity at which SPDs are managed. One could map all 
traffic to on VID and have just one SPD instance, or one could map 
different SSIDs to different VIDs to address the WLAN scenario you 
described. Leaving this sort of thing completely undefined is not 
attractive to me, because such ambiguity creates possible interop 
problems. I'd like to think that the VID concept, which we will 
describe in greater detail in messages next week, is a good, uniform 
interface capability that can be adapted to a wide range of 
environments.

Steve

Follow-Ups:
- Re: issue with "per-interface SAD/SPD"
  - From: "Srinivasa Rao Addepalli" <srao@intotoinc.com>

References:
- issue with "per-interface SAD/SPD"
  - From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
- Re: issue with "per-interface SAD/SPD"
  - From: Stephen Kent <kent@bbn.com>
- Re: issue with "per-interface SAD/SPD"
  - From: "Srinivasa Rao Addepalli" <srao@intotoinc.com>

Prev by Date: Re: IKEv2 payload #14
Next by Date: RE: QoS selectors (was LAST CALL: IKE)
Prev by thread: Re: issue with "per-interface SAD/SPD"
Next by thread: Re: issue with "per-interface SAD/SPD"
Index(es):
- Date
- Thread