[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis

To: Michael Richardson <mcr at sandelman.ottawa.on.ca>
Subject: Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
From: Matt Mathis <mathis at psc.edu>
Date: Wed, 20 Oct 2004 15:28:02 -0400 (EDT)
Cc: Path MTU Discovery WG <pmtud at ietf.org>
In-reply-to: <5607.1097972613@marajade.sandelman.ottawa.on.ca>
List-archive: <http://www1.ietf.org/pipermail/pmtud>
List-help: <mailto:pmtud-request@ietf.org?subject=help>
List-id: Path Maximum Transmission Unit Discovery <pmtud.ietf.org>
List-post: <mailto:pmtud@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/pmtud>, <mailto:pmtud-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/pmtud>, <mailto:pmtud-request@ietf.org?subject=unsubscribe>
References: <Pine.LNX.4.60.0410161932390.847@zippy.psc.edu> <5607.1097972613@marajade.sandelman.ottawa.on.ca>
Sender: pmtud-bounces at ietf.org

Can you site documents for these numbers?

Have full VPNs effectively deprecated most other tunnels? I think there are several flavors of IP-in-IP tunnels for things like IPv6 migration, mobility, etc.

Thanks,
--MM--
-------------------------------------------
Matt Mathis      http://www.psc.edu/~mathis
Work:412.268.3319    Home/Cell:412.654.7529
-------------------------------------------
Evil is defined by people who think they know
"The Truth" and use force to apply it to others.

On Sat, 16 Oct 2004, Michael Richardson wrote:

-----BEGIN PGP SIGNED MESSAGE-----

"Matt" == Matt Mathis <mathis at psc.edu> writes:

   Matt> For example:
   Matt> 20 : IPv4 in IP
   Matt> 12 : IPsec ESP_AUTH

 Not correct, really.
 You want to list end-application, not protocol.
 Typical VPN usage of IPsec is either:

	  IP ESP IPcomp IP payload

 If IPcomp fails to compress, then the overhead is:
         ESP = 4 for SPI
             + 4 for replay counter
	      + 8 for IV
	      + 4 for block padding
	      + 12 for HMAC
	      = 32
         IPIP+ 20
             =>52

 VPN a la microsoft:
	IP ESP UDP L2TP PPP IP payload

         ESP  = 32
	  UDP  = 14
	  L2TP =  8 (as I recall)
         PPP  =  2
	  IP   = 20
         total  76

   Matt> 24 : IPsec AH, IPsec ESP_CIPHER

 Well this combination is strongly deprecated.

- --
]     "Elmo went to the wrong fundraiser" - The Simpson         |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQXG7b4qHRg3pndX9AQHBCwP+L5C3qX/68d6f63LINLzPJyi3+n2A0ocN
v5EjttebgCpZquDSy/eHDJnIRKDCRSgYkX3Gb2Cb7lFF/Gwv39Td2lKvmJPya8Cz
rwdmdld/k3/5JYsnpELCGUibTB1tOdxcaPKhwucFpim7U6U1wvY57VWGuLugiVsR
ECYZOYx2zDo=
=F8L4
-----END PGP SIGNATURE-----

_______________________________________________
pmtud mailing list
pmtud at ietf.org
https://www1.ietf.org/mailman/listinfo/pmtud


_______________________________________________
pmtud mailing list
pmtud at ietf.org
https://www1.ietf.org/mailman/listinfo/pmtud

Follow-Ups:
- Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
  - From: Fred Templin

References:
- [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
  - From: Matt Mathis
- Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
  - From: Michael Richardson

Prev by Date: Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
Next by Date: Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
Previous by thread: Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
Next by thread: Re: [pmtud] I am currently updating draft-ietf-pmtud-method-02bis
Index(es):
- Date
- Thread