[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges

To: Ravi Kumar <ravivsn@roc.co.in>
Subject: Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
From: Stephen Kent <kent@bbn.com>
Date: Thu, 18 Sep 2003 07:49:13 -0400
Cc: "ipsec mailingList" <ipsec@lists.tislabs.com>
In-Reply-To: <5.2.0.9.0.20030918090603.009febe0@202.125.80.81>
References: <5.2.0.9.0.20030917120621.009ef0c0@202.125.80.81><5.2.0.9.0.20030917120621.009ef0c0@202.125.80.81><5.2.0.9.0.20030918090603.009febe0@202.125.80.81>
Sender: owner-ipsec@lists.tislabs.com

At 9:06 +0530 9/18/03, Ravi Kumar wrote:
>Hi Steve,
>         Since, there is one common method being followed (which does 
>not require
>         any interoperability), I am trying to see whether we should 
>make this requirement as
>         'Should' rather than 'MUST'.
>    Thanks
>    Ravi
>

Ravi,

How would you characterize the "common method" to which you refer? I 
recall no provisions in 2401 that would allow on to characterize 
locally processed IKE traffic for processing. When we wrote 2401 we 
assumed that folks understood that this traffic need not be subject 
to the SPD/SAD controls, but we didn't make that clear. Still, a less 
than "MUST" statement may be appropriate.

Steve

References:
- Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
  - From: Ravi Kumar <ravivsn@roc.co.in>
- Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
  - From: Ravi Kumar <ravivsn@roc.co.in>

Prev by Date: Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
Next by Date: RE: 2401bis Issue #67 -- IPsec management traffic
Prev by thread: Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
Next by thread: 2401bis Issue #71 -- Add definition of reserved SPIs
Index(es):
- Date
- Thread