[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    Re: [IPsec] IPsecME virtual meeting minutes, and way forward with fragmentation
From:       "Rajeshwar Singh Jenwar (rsj)" <rsj () cisco ! com>
Date:       2013-05-19 3:05:31
Message-ID: AAB3D1882B58DF46B73D67CE475E7EA004A7C951 () xmb-rcd-x03 ! cisco ! com
[Download RAW message or body]

+1

Kind Regards,
Raj

-----Original Message-----
From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of Brian Weis \
                (bew)
Sent: Friday, May 17, 2013 5:25 AM
To: Yaron Sheffer
Cc: IPsecme WG
Subject: Re: [IPsec] IPsecME virtual meeting minutes, and way forward with \
fragmentation


On May 16, 2013, at 9:57 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

> Hi,
> 
> As promised, we just had a virtual interim meeting to discuss IKEv2 fragmentation. \
> Please see the minutes below (thanks Paul!). 
> Following up on this meeting, we would like to confirm the decision on the mailing \
> list: 
> - The group still thinks this is an important problem that needs an interoperable \
>                 solution.
> - We would like to abandon the work on IKE-over-TCP.
> - And to work on IKEv2 protocol-level fragmentation, using \
> draft-smyslov-ipsecme-ikev2-fragmentation as a starting point. 
> Please send your approval, disapproval or comments to the list within a week (until \
> May 23).

I approve.

[snip]

> Yaron: do we want to stay with the current TCP-based solution?
> 	Brian: might be running on sensors that don't have a TCP stack

Someone made this comment, but it wasn't me. 

I did mention that the current TCP-based solution has the advantage of only \
re-sending the missing TCP segment, whereas current and proposed UDP-based \
fragmentation solutions re-send all packet fragments. That could be valuable for a \
VPN gateway with many peers with a lossy network. But that doesn't seem enough of a \
justification to stay with the current TCP-based solution.

Brian
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic