[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GSE



    > From: Iljitsch van Beijnum <iljitsch@muada.com>

    > using identifiers with regular IPv6 unicast semantics will make the
    > transition a lot easier as it allows .. providing the multihoming
    > support in separate boxes.

Umm, wouldn't you fall across the connection-hijacking issues that i)
prevented use of source route to do mobility in MIPv4, and ii) led to the
heavy-duty authentication in MIPv6?

In other words, I'm assuming you have a "multihoming support box" (MSB) which
is adding an extra layer of wrapping so that the destination address in the
inner packet is the "host identifier" of the destination, which never
changes, and the outer packet contains the current "locator".

This sounds just like MIPv6, and has all the MIPv6 security issues. Or did I
mis-understand something? E.g. were you not planning to support keeping
connections up when one address stops working?

	Noel