[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Ipsec] Layer 2 processing inside IPsec
At 1:31 AM -0700 7/5/04, Paul Lambert wrote:
>Two interesting examples of non-IP next protocols are carring L2 traffic
>on ESP or onion-routing where it's handy to carry ESP on ESP. In both
>cases the end addresses are inside the tunnel, they just are not 'next'.
>In both cases, they are clearly not the final end-system, so they are
>not transport mode.
Paul,
I think you have failed to take note of the changes to the transport
mode description that are in 2401bis. We explicitly allow transport
mode for overlay nets and the like, and explain how to deal with
traffic in this context. So, my comments stand.
Steve
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec