[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CONSENSUS TEST: Fragmentation handling

To: Tero Kivinen <kivinen@iki.fi>
Subject: Re: CONSENSUS TEST: Fragmentation handling
From: Stephen Kent <kent@bbn.com>
Date: Wed, 7 Apr 2004 11:11:21 -0400
Cc: ipsec@lists.tislabs.com
In-reply-to: <16499.53929.188242.629272@fireball.acr.fi>
References: <p06020400bc84e3428b9d@[128.89.89.75]><16480.15529.482315.278735@fireball.acr.fi><p06020405bc8617b47e2c@[128.89.89.75]><016c01c416c3$eb1d8270$861167c0@adithya><p06020400bc90995b65a1@[128.89.89.75]><16492.6896.588750.18184@fireball.acr.fi><p06020407bc91e352bb42@[128.89.89.75]><16493.10872.196792.111195@fireball.acr.fi><p06020418bc932db12995@[128.89.89.75]> <20040406162758.GA10072@thunk.org><1529.1081282308@marajade.sandelman.ottawa.on.ca><p0602041abc98d12987f7@[128.89.89.75]><16499.53929.188242.629272@fireball.acr.fi>
Sender: owner-ipsec@lists.tislabs.com

At 1:06 PM +0300 4/7/04, Tero Kivinen wrote:
>Stephen Kent writes:
>>  >   I'm unclear how a responder knows that a non-initial fragment SA is
>>  >being negotiated in IKE. Is it based only on the OPAQUE value as
>>  >port-selectors? What about the protocol?
>>
>>  The use of OPAQUE is now restricted to carriage of non-initial
>>  fragments, after the change that Mark suggested. so, yes, negotiating
>>  an SA with port fields set to OPAQUE indicates that the SA is used to
>>  carry non-initial fragments. for IPv4, this is irrespective of the
>>  port field selector, which could be specific, or ANY.  for v6, it is
>   ^^^^^^^^^^
>
>I assume this should be "protocol field selector", not "port"

whoops. yes, I meant protocol, not port.


I like your suggestion of NON_FIRST_FRAGMENTS_ALSO as a notification.

Steve

References:
- Re: 2nd try
  - From: Tero Kivinen <kivinen@iki.fi>
- Re: 2nd try
  - From: Stephen Kent <kent@bbn.com>
- Re: 2nd try
  - From: Tero Kivinen <kivinen@iki.fi>
- Re: 2nd try
  - From: Stephen Kent <kent@bbn.com>
- CONSENSUS TEST: Fragmentation handling
  - From: "Theodore Ts'o" <tytso@mit.edu>
- Re: CONSENSUS TEST: Fragmentation handling
  - From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
- Re: CONSENSUS TEST: Fragmentation handling
  - From: Stephen Kent <kent@bbn.com>
- Re: CONSENSUS TEST: Fragmentation handling
  - From: Tero Kivinen <kivinen@iki.fi>

Prev by Date: Re: Disposition of the IKEv2 ID_KEY_ID type
Next by Date: Re: CONSENSUS TEST: Fragmentation handling
Previous by thread: Re: CONSENSUS TEST: Fragmentation handling
Next by thread: Re: CONSENSUS TEST: Fragmentation handling
Index(es):
- Date
- Thread