[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ECN tweak to Final editing instructions for ikev2 document



> 3.  ECN clarifications:
> 
> Replace the text of section 2.24 with the following, per suggested
> the rewording from David Black:
> 
> When IPsec tunnels behave as originally specified in [RFC 2401], ECN usage
> is not appropriate for the outer IP headers because tunnel decapsulation
> processing discards ECN congestion indications to the detriment of the
> network.  ECN support for IPsec tunnels for IKEv1-based IPsec requires
> multiple  operating modes and negotiation (see [RFC 3168]).  IKEv2
> simplifies this situation requiring that ECN be usable in the outer IP
> headers of all tunnel-mode IPsec SAs created by IKEv2.  Specifically,
> tunnel encapsulators and decapsulators for all tunnel-mode Security
> Associations (SAs) created by IKEv2 MUST support the ECN
full-functionality
> option for tunnels specified in [RFC3168] and MUST implement the tunnel
> encapsulation and decapsulation processing specified in [RFC2401bis] to
> prevent discarding of ECN congestion indications.

Based on subsequent list discussion with Joe Touch,
"specified in [RFC3168]" in the above should be replaced with
"specified in Section 9.1 of [RFC3168]"  .

Thanks,
--David
----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------