Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Michael Richardson
Ben Schwartz wrote: >> Ben Schwartz wrote: >> > >> > The real motivation to support AH in this draft comes down to MTU >> > overhead. Going from 24 bytes of MTU loss to 73 bytes seems >> > potentially significant, especially because: >> >> Where will you pu

Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Michael Richardson
Paul Wouters wrote: >> You could also just say that ASBRs are presumed to be communicating >> within a well-managed environment, are often zero or one hops away from >> one another, and that this environment MUST accommodate the larger MTU >> for tunnel-mode IPsec encapsulation.

Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Paul Wouters
On Sun, 23 Oct 2022, Erik Kline wrote: > You could also just say that ASBRs are presumed to be communicating within a well-managed environment, are often zero or one hops away from one another, and that this environment MUST accommodate the larger MTU for tunnel-mode IPsec e

Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Ben Schwartz
On Sun, Oct 23, 2022 at 9:08 AM Michael Richardson wrote: > > Ben Schwartz wrote: > > > The real motivation to support AH in this draft comes down to MTU > > overhead. Going from 24 bytes of MTU loss to 73 bytes seems > > potentially significant, especially because: > > Where

Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Ben Schwartz
On Fri, Oct 21, 2022 at 11:50 PM Erik Kline wrote: > I suppose you could try to add a "we're exempt from 8200" paragraph and > see what happens. > > You could also just say that ASBRs are presumed to be communicating within > a well-managed environment, are often zero or one hops away from one >

Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Erik Kline
On Sun, Oct 23, 2022 at 9:37 AM Paul Wouters wrote: > On Oct 21, 2022, at 23:50, Erik Kline wrote: > > > >  > > You could also just say that ASBRs are presumed to be communicating > within a well-managed environment, are often zero or one hops away from one > another, and that this environment

Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Paul Wouters
On Oct 21, 2022, at 23:50, Erik Kline wrote: > >  > You could also just say that ASBRs are presumed to be communicating within a > well-managed environment, are often zero or one hops away from one another, > and that this environment MUST accommodate the larger MTU for tunnel-mode > IPsec en

Re: [IPsec] Fwd: New Version Notification for draft-xu-risav-02.txt

2022-10-23 Thread Michael Richardson
Ben Schwartz wrote: >> Ben Schwartz wrote: > We've just >> put out an extensively revised version of our RISAV proposal > (the I >> stands for IPsec). We'd like to start getting feedback from the > >> IPsec experts. We're also hoping to present this idea and solicit > >> fe