Paul Wouters <p...@nohats.ca> wrote: >> You could also just say that ASBRs are presumed to be communicating >> within a well-managed environment, are often zero or one hops away from >> one another, and that this environment MUST accommodate the larger MTU >> for tunnel-mode IPsec encapsulation.
> If it’s such a trusted one hop, why do you need IPsec to signal a traffic label? It's not one hop. It could transit multipls ASs. That's why they are so concerned about MTU, and why IPTFS might help make this deployable. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec