[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ipsec] Layer 2 processing inside IPsec



 In your previous mail you wrote:

   > I disagree: IPsec does not change the order 
   
   That's not at all clear to me.  
   
=> this is misunderstanding: IPsec itself doesn't change the order,
IP can change it and is run under IPsec.

   you cannot naively use ROHC over IPsec.

=> I agree. BTW I am not interested by ROHC itself but by any
compression which can work with IPsec. In fact I believe it still
has to be designed/specified.
   
   An integrated IPsec - ROHC implementation could look at the IPsec
   sequence number and insert its own reorder buffer, but such an
   integration would not be as simple as defining an IP protocol number
   for ROHC.
   
=> nothing can be simple with ROHC (:-). IMHO we talk about ROHC
just because it is the more sophisticated compression...

   It's an architectural issue.  An integrated IPsec-ROHC means that the
   ROHC would have to be inserted into the *middle* of IPsec processing,
   between the policy enforcement part and the encryption part.  
   
=> it seems we agree: something can be done but needs real work.

Thanks

Francis.Dupont@enst-bretagne.fr

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec