> On 2 Nov 2016, at 18:19, Michael Richardson <mcr+i...@sandelman.ca> wrote:
>
> Yoav Nir <ynir.i...@gmail.com> wrote:
>> 4 Why do we need a new port? What goes wrong if the
>> packets go to port 4500?
>
> I think that TE/load-balancer in the network calculates the same tuple hash
> and so takes the same path. (Presuming that it ignores the source UDP port)

I don’t follow. The draft requests a new destination port from IANA. Let’s assume it is 14500.

What is the difference between having every gateway send traffic with the 5-tuple (me, random_port, UDP, you, 4500) and having every gateway send traffic with the 5-tuple (me, random_port, UDP, you, 14500)?

Sending UDP-encapsulated traffic from a random port works today, and has the advantage that middleboxes trying to classify traffic already know what it is.

Yoav