[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

VPN Touch doc

To: iesg@ietf.org
Subject: VPN Touch doc
From: hardie@qualcomm.com
Date: Thu, 18 Sep 2003 10:33:09 -0700

3.3 Solving Problem 2: Source Address Selection

   Section 2.4 gave an overview of IP source address selection and its
   dependence on interfaces and routes.

   Using RFC 2003 IPIP tunnel devices for VN links, instead of IPsec
   tunnel mode SAs, solves this issue directly. The IPIP tunnels are
   full-fledged interfaces with associated routes, so that routes [N4]
   and address selection as described in [N6] can operate as specified.

*****>>>This doesn't seem to be an adequate treatment of the problem.  In
general, the host may still have to select among multiple possible source
addresses; is this trying to say that by specifying a system in which
the tunnels are interfaces the problem collapses from source selection
to interface selection?  If so, a more fully worked example of why this
works for the examples given seems like it would be useful.

Follow-Ups:
- Re: VPN Touch doc
  - From: "Steven M. Bellovin" <smb@research.att.com>

Prev by Date: government control of the Internet
Next by Date: Informational RFC to be: draft-hayashi-igap-03.txt
Previous by thread: government control of the Internet
Next by thread: Re: VPN Touch doc
Index(es):
- Date
- Thread