[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges

To: Ravi Kumar <ravivsn@xxxxxxxxx>
Subject: Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
From: Stephen Kent <kent@xxxxxxx>
Date: Thu, 18 Sep 2003 07:49:13 -0400
Cc: "ipsec mailingList" <ipsec@xxxxxxxxxxxxxxxxx>
In-reply-to: <>
References: <> <> <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

At 9:06 +0530 9/18/03, Ravi Kumar wrote:

Hi Steve, Since, there is one common method being followed (which does not require any interoperability), I am trying to see whether we should make this requirement as 'Should' rather than 'MUST'. Thanks Ravi

Ravi,

How would you characterize the "common method" to which you refer? I recall no provisions in 2401 that would allow on to characterize locally processed IKE traffic for processing. When we wrote 2401 we assumed that folks understood that this traffic need not be subject to the SPD/SAD controls, but we didn't make that clear. Still, a less than "MUST" statement may be appropriate.

Steve

References:
- Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
  - From: Ravi Kumar
- Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
  - From: Ravi Kumar

Prev by Date: Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
Next by Date: Be bigger than average! - n mu lh
Previous by thread: Re:2401bis Issue #68 -- VPNs with overlapping IP address ranges
Next by thread: 2401bis Issue #69 -- Multiple protocols per SPD entry
Index(es):
- Date
- Thread