Re: [MEXT] TLV header in DSMIP

[Hesham Soliman <hesham at elevatemobile.com>]

>> Folks,
>>
>> During one of the reviews for DSMIP the issue came up regarding the
>> TLV header Type field values and how the current spec doesn't  
>> describe
>> how it can be used for IPsec.
>
> What was the issue?

=> The use of IPsec with this format was not specified. Sec AD's  
comment.

>
>
>> After looking into this a bit I don't see why we would need IPsec for
>> this. We originally defined because people wanted to use GRE so the
>> format would be:
>> IP
>> UDP
>> GRE
>> IP
>> ...etc
>>
>> It seems like it would be sufficient to only define this now for GRE
>> and if someone comes up with a need for using IP/IPsec directly after
>> the TLV header they can define that behaviour and request a new type
>> value.
>>
>> So the new draft would only allocate one value for GRE.
>>
>> Any objections to this ?
>
> Yes. When we specified the TLV header, it was felt that the mobile
> node and the home agent need can use the same UDP port for
> both traffic tunneled with ESP encryption and for traffic without ESP
> encryption. The same TLV header would tell the home agent whether
> there is a GRE, IPv4, IPv6 or IPsec header that follows the TLV
> header.

=> None of the above is impacted. The suggestion here is that this  
gets done in a separate document. The TLV is still specified with GRE  
in the current spec.
You can specify it for IP, IPsec ...etc in another draft. It's a  
matter of doing things in a modular way for the sake of documentation.  
There is no technical difference.

>
>
> Without this, you end up using UDP port 4500 for IPsec protected
> data traffic between the mobile node and the home agent and the
> DS-MIPv6 UDP port for non-IPsec protected data traffic between the
> mobile node and the home agent. I would prefer to avoid this.

=> See above, this is not an issue.

Hesham
_______________________________________________
MEXT mailing list
MEXT at ietf.org
https://www.ietf.org/mailman/listinfo/mext