[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Ipsec] IPSec Outbound Packet Processing Questions

To: <ipsec@ietf.org>
Subject: [Ipsec] IPSec Outbound Packet Processing Questions
From: "Hazem Hamed" <hhamed@cs.depaul.edu>
Date: Wed, 2 Jun 2004 10:26:20 -0500
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=unsubscribe>
Sender: ipsec-bounces@ietf.org

Hi Everybody,

I am a PhD student in DePaul University, Chicago doing research in IPSec. I need clarification about the operation of SPD lookup for outbound packets.

First question, it's not clear how an SA bundle is formed, and if all SAs in the bundle get the same SPI. Is it constructed by matching an outbound packet against multiple SPD rules each pointing to one transform, or matching the packet against one rule that points to multipe transforms?

Second question is about outbound packet matching. Can a packet match multiple SPD rules? If yes, how are these rules applied to the packet in such a case?

Any cooperation is highly appreciated.

-Hazem

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

Follow-Ups:
- Re: [Ipsec] IPSec Outbound Packet Processing Questions
  - From: Karen Seo <kseo@bbn.com>

Prev by Date: [Ipsec] Encrypted document
Next by Date: Re: [Ipsec] IKEv2 and EAP-SIM
Previous by thread: [Ipsec] Encrypted document
Next by thread: Re: [Ipsec] IPSec Outbound Packet Processing Questions
Index(es):
- Date
- Thread