Re: Comments on draft-ietf-mobileip-mipv6-ha-ipsec-04.txt

[Erik Nordmark <Erik.Nordmark@sun.com>]

> Since the HA decapsulates the tunneled HOTI message from the MN, it
> reaches the CN with source address = HoA. This is true regardless of the
> outer source address of the packet tunneled to the HA by the MN; the
> presence of a HAO in the outer IP header makes no difference. 

I erronously assumed you wanted to put in on the inner header.
HOA doesn't cause a problem on the outer header.

> The outer destination address of
> the HOT sent by the HA to the MN  = CoA because that is the only way for
> the HA to reach the MN when it is not at home; whether the HOT is
> encapsulated in an IP packet with inner destination address = HoA or
> instead, a RH Type 2 header is used doesn't make a difference.

The problem for this part is that the HA forwarding the packet can't
add an RH type 2 to a packet originated by somebody else - if nothing else 
it messes up path MTU discovery since the packet too big messages would go 
to the source = CN which has no idea that the HA made the packets bigger.
Thus from HA to MN encapsulating is the only working scheme.

Of course, when encapsulating the HA could include an RH as part of
the outer headers, but I don't know what problem that solves.

   Erik