Download presentation
Presentation is loading. Please wait.
Published byAshlynn Pitts Modified over 8 years ago
1
draft-ietf-v6ops-ipsec-tunnels-03 Using IPsec to Secure IPv6-in-IPv4 Tunnels draft-ietf-v6ops-ipsec-tunnels-03 Richard Graveman Mohan Parthasarathy Pekka Savola (editing) Hannes Tschofenig IETF 67, 6 November 2006 San Diego
2
draft-ietf-v6ops-ipsec-tunnels-03 History Completed WG LC in August 2005 Added brief discussion of AH Fixed BYPASS rule Received reviews from P. Eronen and F. Dupont Fixed PAD and other easy items Supporting IPsec tunnel mode turned out to be more complicated Recommended supporting just transport mode IPsec at last meeting Followed up on subsequent discussion and posted -03
3
draft-ietf-v6ops-ipsec-tunnels-03 Version -03 Changes Aligns SPD representation format with RFC 4301 Describes IKEv2 Peer Authorization Database (PAD) entries At least IPv4 addresses and shared keys should be supported Adds references to other documents describing using transport mode in a similar context (RFC3884, RFC3193, RFC4023) Moves tunnel mode discussion to appendix Recommends transport mode Keeps discussion of the tunnel mode issues Notes that tunnel mode (when implemented without an interface) may be applicable in scenarios where the lack of multicast and link-local traffic is not an issue and, e.g., MOBIKE is needed Moves tunnel mode implementation approach discussion to appendix Interface or not, SSPD/GSPD Also moves Dynamic Address Configuration, NAT traversal and Mobility, and Tunnel Endpoint Discovery to appendix The first two are most applicable to tunnel mode which is in appendix The last requires manual configuration so TEP discovery does not work well right now
4
draft-ietf-v6ops-ipsec-tunnels-03 Summary Authors believe all issues have been addressed Suggest one-week WG LC
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.