[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis

To: Matt Mathis <mathis at psc.edu>
Subject: Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
From: Michael Richardson <mcr at sandelman.ottawa.on.ca>
Date: Sat, 16 Oct 2004 20:23:33 -0400
Cc: Path MTU Discovery WG <pmtud at ietf.org>
In-reply-to: Message from Matt Mathis <mathis@psc.edu> of "Sat, 16 Oct 2004 19:45:18 EDT." <Pine.LNX.4.60.0410161932390.847@zippy.psc.edu>
List-archive: <http://www1.ietf.org/pipermail/pmtud>
List-help: <mailto:pmtud-request@ietf.org?subject=help>
List-id: Path Maximum Transmission Unit Discovery <pmtud.ietf.org>
List-post: <mailto:pmtud@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/pmtud>, <mailto:pmtud-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/pmtud>, <mailto:pmtud-request@ietf.org?subject=unsubscribe>
References: <Pine.LNX.4.60.0410161932390.847@zippy.psc.edu>
Sender: pmtud-bounces at ietf.org

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Matt" == Matt Mathis <mathis at psc.edu> writes:
    Matt> For example:
    Matt> 20 : IPv4 in IP
    Matt> 12 : IPsec ESP_AUTH

  Not correct, really.
  You want to list end-application, not protocol.
  Typical VPN usage of IPsec is either:

	  IP ESP IPcomp IP payload

  If IPcomp fails to compress, then the overhead is:	
          ESP = 4 for SPI
              + 4 for replay counter
	      + 8 for IV
	      + 4 for block padding 
	      + 12 for HMAC
	      = 32
          IPIP+ 20
              =>52    

  VPN a la microsoft:
	IP ESP UDP L2TP PPP IP payload
       
          ESP  = 32
	  UDP  = 14
	  L2TP =  8 (as I recall)
          PPP  =  2
	  IP   = 20
          total  76

    Matt> 24 : IPsec AH, IPsec ESP_CIPHER

  Well this combination is strongly deprecated.

- --
]     "Elmo went to the wrong fundraiser" - The Simpson         |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQXG7b4qHRg3pndX9AQHBCwP+L5C3qX/68d6f63LINLzPJyi3+n2A0ocN
v5EjttebgCpZquDSy/eHDJnIRKDCRSgYkX3Gb2Cb7lFF/Gwv39Td2lKvmJPya8Cz
rwdmdld/k3/5JYsnpELCGUibTB1tOdxcaPKhwucFpim7U6U1wvY57VWGuLugiVsR
ECYZOYx2zDo=
=F8L4
-----END PGP SIGNATURE-----

_______________________________________________
pmtud mailing list
pmtud at ietf.org
https://www1.ietf.org/mailman/listinfo/pmtud

Follow-Ups:
- Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
  - From: Matt Mathis

References:
- [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
  - From: Matt Mathis

Prev by Date: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
Next by Date: [no subject]
Previous by thread: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
Next by thread: Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
Index(es):
- Date
- Thread