[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Ipsec] Layer 2 processing inside IPsec



At 1:31 AM -0700 7/5/04, Paul Lambert wrote:
>Two interesting examples of non-IP next protocols are carring L2 traffic
>on ESP or onion-routing where it's handy to carry ESP on ESP.  In both
>cases the end addresses are inside the tunnel, they just are not 'next'.
>In both cases, they are clearly not the final end-system, so they are
>not transport mode.


Paul,

I think you have failed to take note of the changes to the transport 
mode description that are in 2401bis. We explicitly allow transport 
mode for overlay nets and the like, and explain how to deal with 
traffic in this context. So, my comments stand.

Steve

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec