Re: Internal WG Review: Mobility for IPv4 (mip4)

[Pete McCann <mccap@lucent.com>]

Hi,

Henrik has worked with these drafts a lot more than I have, but let me
take a shot at answering your question.  See below.

Russ Housley writes:
 > What is IPsec being used to protect?  Is it protecting host-to-host 
 > traffic? Or, it it protecting traffic to some mobility-infrastructure 
 > intermediary like the home agent?

Primarily, I think the interest is in the latter, i.e., interactions
between a VPN client as we know it today (i.e., IPSec tunnel to a home
network firewall, then unprotected traffic beyond that) and mobility
management.  There are various scenarios where a Mobile IPv4 Home
Agent can be inside or outside the home network or where there can be
two home agents, one inside and one outside.

 > Or, will different scenarios consider 
 > each possibility?

Nothing prohibits the use of IPSec for any host-to-host communication
that might take place.  If those peer hosts are inside the home
network, then that might entail double-IPSec for that traffic.

-Pete

 > Russ
 > 
 > At 09:57 AM 7/31/2003 -0400, iesg-secretary@ietf.org wrote:
 > >  6. The MIP4 WG will also complete the work on Mobile IPv4 interactions
 > >        in VPN scenarios. This work will involve identifying the requirements
 > >        and a solution development for Mobile IPv4 operation in the presence
 > >        of IPsec VPN's.