[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec
Subject: Re: [IPsec] IPsecME virtual meeting minutes, and way forward with fragmentation
From: "Rajeshwar Singh Jenwar (rsj)" <rsj () cisco ! com>
Date: 2013-05-19 3:05:31
Message-ID: AAB3D1882B58DF46B73D67CE475E7EA004A7C951 () xmb-rcd-x03 ! cisco ! com
[Download RAW message or body]
+1
Kind Regards,
Raj
-----Original Message-----
From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of Brian Weis \
(bew)
Sent: Friday, May 17, 2013 5:25 AM
To: Yaron Sheffer
Cc: IPsecme WG
Subject: Re: [IPsec] IPsecME virtual meeting minutes, and way forward with \
fragmentation
On May 16, 2013, at 9:57 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
> Hi,
>
> As promised, we just had a virtual interim meeting to discuss IKEv2 fragmentation. \
> Please see the minutes below (thanks Paul!).
> Following up on this meeting, we would like to confirm the decision on the mailing \
> list:
> - The group still thinks this is an important problem that needs an interoperable \
> solution.
> - We would like to abandon the work on IKE-over-TCP.
> - And to work on IKEv2 protocol-level fragmentation, using \
> draft-smyslov-ipsecme-ikev2-fragmentation as a starting point.
> Please send your approval, disapproval or comments to the list within a week (until \
> May 23).
I approve.
[snip]
> Yaron: do we want to stay with the current TCP-based solution?
> Brian: might be running on sensors that don't have a TCP stack
Someone made this comment, but it wasn't me.
I did mention that the current TCP-based solution has the advantage of only \
re-sending the missing TCP segment, whereas current and proposed UDP-based \
fragmentation solutions re-send all packet fragments. That could be valuable for a \
VPN gateway with many peers with a lossy network. But that doesn't seem enough of a \
justification to stay with the current TCP-based solution.
Brian
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic