So DHCP could be sent in an R1 in a REQ_INFO parameter.
I2 would have the DHCP request and R2 the DHCP information?
You could pass DHCPv4/v6 as well as RA config information this way. Does
make the packets a tad bigger!
On 05/20/2014 09:13 AM, Robert Moskowitz wrote:
On 05/19/2014 02:53 PM, Miika Komu wrote:
Hi,
On 05/19/2014 09:08 PM, Robert Moskowitz wrote:
I have a real need to provide ESP tunnel mode from a HIP client to a
gateway. The world just won't go as nicely as I would have wanted it
to.
location-based security is old fashioned :(
At the application layer, tunnel mode may have some implications on
the IPv4-IPv6 interoperability aspects of HIP.
I have thought a lot about this, and BOY does it ever mess this up.
There would need to be IPv4/v6 signalling within the ESP tunnel to
make this work. The VPN interface (separate from the HIP interface)
would 'know' if the incoming packet was v4 or v6, and would tag the
ESP header appropriately?
Or no, wait, not so simple. Actually the addresses ARE in the inner
headers, I am getting confused with a HIP proxy that does not maintain
an identity for each non-HIP host :) But can ESP tunnel mix and match
v4 and v6 inner packets...
Oh my head hurts!
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
