[Ipsec] traffic selector with protocol = opaque in IKEv2

To: "James Huang" <James.Huang at watchguard.com>
Subject: [Ipsec] traffic selector with protocol = opaque in IKEv2
From: Tero Kivinen <kivinen at iki.fi>
Date: Thu, 11 Nov 2004 21:38:38 +0200
Cc: "IPsec WG \(E-mail\)" <ipsec at ietf.org>
In-reply-to: <c9a9292acdc3f1595de1f816cfcd83094193b43c@watchguard.com>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <c9a9292acdc3f1595de1f816cfcd83094193b43c@watchguard.com>
Sender: ipsec-bounces at ietf.org

James Huang writes:
> In rfc2401bis, the protocol field in a SAD entry or a SPD entry may
> be opaque.  However, the latest ikev2 draft does not specify how to
> represent opaque as the value for the protocol field in the traffic
> selector.  Am I missing something? 

>From draft-ietf-ipsec-ikev2-17.txt:

3.13.1 Traffic Selector
...
   Systems that are complying with [RFC2401bis] that wish to indicate
   "ANY" ports MUST set the start port to 0 and the end port to 65535;
   note that according to [RFC2401bis], "ANY" includes "OPAQUE".
   Systems working with [RFC2401bis] that wish to indicate "OPAQUE"
   ports, but not "ANY" ports, MUST set the start port to 65535 and
   the end port to 0.
-- 
kivinen at safenet-inc.com

_______________________________________________
Ipsec mailing list
Ipsec at ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

Follow-Ups:
- Re: [Ipsec] traffic selector with protocol = opaque in IKEv2
  - From: Saroop Mathur

References:
- [Ipsec] traffic selector with protocol = opaque in IKEv2
  - From: James Huang

Prev by Date: Re: [Ipsec] 2401bis fragment checking for BYPASS/DISCARD
Next by Date: RE: [Ipsec] traffic selector with protocol = opaque in IKEv2
Previous by thread: [Ipsec] traffic selector with protocol = opaque in IKEv2
Next by thread: Re: [Ipsec] traffic selector with protocol = opaque in IKEv2
Index(es):
- Date
- Thread

[Ipsec] traffic selector with protocol = opaque in IKEv2

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.