[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [RRG] RE: Is ISATAP a practical solution?



Robin, 

Some additional follow-up:

>>I am also keen to avoid anything like a SEAL header, at least
>>on the shorter packets in any map-encap tunnel.

Including the SEAL header on large packets and omitting
it on smalls is certainly an idea to be taken seriously
and not to be dismissed w/o further consideration. However,
reasons we might not want to do that include:

 1) multiple encapsulation formats on the same link; could
    confuse both tunnel endpoints and middleboxes
 2) omission of SEAL header reduces identification to
    only 16 bits; may not be sufficient for duplicate
    packet and/or off-link attack detection

What are your thoughts on this?

BTW, the idea of extending the IPv4 ID to 32 bits in a
manner similar to the way SEAL does it is not new. The
earliest proposal to do this (which I came across after
publishing SEAL) was from Steve Deering on the mtudwg
mailing list in Feb. 1990:

  http://ipvlx.org/mtudwg-log   

but I wouldn't be surprised if there were still
earlier proposals. The primary difference between what
SEAL is doing and what Steve articulated was that Steve
proposed a new IPv4 option, whereas SEAL proposes a new
IPv4 protocol.

Thanks - Fred
fred.l.templin@boeing.com

--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg