Andrew Cagney writes: > The example in: > > 3.1. Discovery of TCP Transport Support for IKEv2 > > has: > > Initiator switches to TCP:4500 for IKE_INTERMEDIATE / > IKE_AUTH / subsequent IKEv2 exchanges > > When opening the new TCP connection, does the initiator include the > IKETCP prefix; like it would if it started with TCP for IKE_SA_INIT? > > (I'm pretty sure the answer is yes, it's just that all the text says > is "the initiator MUST switch to TCP port 4500 for subsequent > exchanges")
And if it includes IKETCP string, can we define IKE32B (or something) string that would mean that the length field in the TCP stream will be 32-bits, and announce support in the IKE_SA_INIT phase, i.e., add text saying that if you support SEPARTE_TRANSPORTS, you MUST support (and perhaps even use?) IKE32B on tcp traffic. -- [email protected] _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
