[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] big IKE packets
>>>>> "Michael" == Michael Richardson <mcr@sandelman.ottawa.on.ca> writes:
Michael> -----BEGIN PGP SIGNED MESSAGE----- I wonder if one solution
Michael> to the problem of large IKE packets (that require
Michael> fragmentation) wouldn't be to define a fragmentation header
Michael> in IKE.
Michael> I.e. an IKEv2 payload which contains a sequence number, into
Michael> which fragments of another IKEv2 payload could be placed.
Michael> The sender would be responsible for making sure that all
Michael> fragments get sent (since each would be ACK'ed in some way
Michael> by the receiver).
If we're not satisfied with how IP does fragmentation, wouldn't it be
more reasonable to use TCP -- which handles large packets the right
way?
I dislike inventing new protocols to address previously solved
problems.
paul
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec