[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [RRG] RE: Is ISATAP a practical solution?
Robin,
Some additional follow-up:
>>I am also keen to avoid anything like a SEAL header, at least
>>on the shorter packets in any map-encap tunnel.
Including the SEAL header on large packets and omitting
it on smalls is certainly an idea to be taken seriously
and not to be dismissed w/o further consideration. However,
reasons we might not want to do that include:
1) multiple encapsulation formats on the same link; could
confuse both tunnel endpoints and middleboxes
2) omission of SEAL header reduces identification to
only 16 bits; may not be sufficient for duplicate
packet and/or off-link attack detection
What are your thoughts on this?
BTW, the idea of extending the IPv4 ID to 32 bits in a
manner similar to the way SEAL does it is not new. The
earliest proposal to do this (which I came across after
publishing SEAL) was from Steve Deering on the mtudwg
mailing list in Feb. 1990:
http://ipvlx.org/mtudwg-log
but I wouldn't be surprised if there were still
earlier proposals. The primary difference between what
SEAL is doing and what Steve articulated was that Steve
proposed a new IPv4 option, whereas SEAL proposes a new
IPv4 protocol.
Thanks - Fred
fred.l.templin@boeing.com
--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg