From: Michael Richardson <[email protected]> Jun Hu \(Nokia\) <[email protected]> wrote: > [HJ] Nokia SROS supports both AH and ESP for OSPFv3, and I believe most > if not all other major router/switch vendors (like Cisco, Juniper, > Huawei..etc) have same support. So it is safe to assume there are some > OSPFv3 deployments in the world using AH. Could these deployments > switch to ESP? maybe from pure technical point of view, but it is > always difficult to change a infrastructure level routing protocol > configuration like OSPFv3 in a deployed network.
Never been deployable for multicast routing protocols. Nice theory. What key management would they use? G-IKEv1? Wouldn't work; because you wouldn't be able to do key negotiation until you have connectivity, and you wouldn't have connectivity until you do OSPFv3. So, in order to make it work, you need both secured and insecured OSPFv3. Thus, same problem as SEND. Or, you need manually keyed AH, preconfigured, at the console, by an operator. [HJ] Nokia SROS using manual keying , and I believe Cisco and Juniper do the same. _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
