[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Internal WG Review: Mobility for IPv4 (mip4)
Hi,
Henrik has worked with these drafts a lot more than I have, but let me
take a shot at answering your question. See below.
Russ Housley writes:
> What is IPsec being used to protect? Is it protecting host-to-host
> traffic? Or, it it protecting traffic to some mobility-infrastructure
> intermediary like the home agent?
Primarily, I think the interest is in the latter, i.e., interactions
between a VPN client as we know it today (i.e., IPSec tunnel to a home
network firewall, then unprotected traffic beyond that) and mobility
management. There are various scenarios where a Mobile IPv4 Home
Agent can be inside or outside the home network or where there can be
two home agents, one inside and one outside.
> Or, will different scenarios consider
> each possibility?
Nothing prohibits the use of IPSec for any host-to-host communication
that might take place. If those peer hosts are inside the home
network, then that might entail double-IPSec for that traffic.
-Pete
> Russ
>
> At 09:57 AM 7/31/2003 -0400, iesg-secretary@ietf.org wrote:
> > 6. The MIP4 WG will also complete the work on Mobile IPv4 interactions
> > in VPN scenarios. This work will involve identifying the requirements
> > and a solution development for Mobile IPv4 operation in the presence
> > of IPsec VPN's.