Re: [IPsec] Fwd: New Version Notification for draft-colitti-ipsecme-esp-ping-01.txt
"Panwei (William)" <william.panwei@huawei.com> Tue, 26 March 2024 09:25 UTC
Return-Path: <william.panwei@huawei.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A1CFC14F68B for <ipsec@ietfa.amsl.com>; Tue, 26 Mar 2024 02:25:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Level:
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p0upZzzpDUnd for <ipsec@ietfa.amsl.com>; Tue, 26 Mar 2024 02:25:37 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A73D1C151536 for <ipsec@ietf.org>; Tue, 26 Mar 2024 02:24:18 -0700 (PDT)
Received: from mail.maildlp.com (unknown [172.18.186.31]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4V3kln5wFqz6H7TG; Tue, 26 Mar 2024 17:19:49 +0800 (CST)
Received: from lhrpeml100004.china.huawei.com (unknown [7.191.162.219]) by mail.maildlp.com (Postfix) with ESMTPS id 4CC59140B2A; Tue, 26 Mar 2024 17:24:15 +0800 (CST)
Received: from kwepemi500009.china.huawei.com (7.221.188.199) by lhrpeml100004.china.huawei.com (7.191.162.219) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Tue, 26 Mar 2024 09:24:14 +0000
Received: from kwepemi500010.china.huawei.com (7.221.188.191) by kwepemi500009.china.huawei.com (7.221.188.199) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Tue, 26 Mar 2024 17:24:13 +0800
Received: from kwepemi500010.china.huawei.com ([7.221.188.191]) by kwepemi500010.china.huawei.com ([7.221.188.191]) with mapi id 15.01.2507.035; Tue, 26 Mar 2024 17:24:13 +0800
From: "Panwei (William)" <william.panwei@huawei.com>
To: Jen Linkova <furry13@gmail.com>, "ipsec@ietf.org" <ipsec@ietf.org>
CC: Lorenzo Colitti <lorenzo@google.com>, Michael Richardson <mcr+ietf@sandelman.ca>
Thread-Topic: [IPsec] Fwd: New Version Notification for draft-colitti-ipsecme-esp-ping-01.txt
Thread-Index: AQHaayQFUr6vZiHeJEm4rFfwTHJng7FJ2NuA
Date: Tue, 26 Mar 2024 09:24:12 +0000
Message-ID: <4b44a218c77a49edbaecd3b524dbaac7@huawei.com>
References: <170922023791.21652.13338059706655424526@ietfa.amsl.com> <CAFU7BAQuNkHDRidjQqGbXySKJ1FCRKuAksDa0BHsvfGeG45k6g@mail.gmail.com>
In-Reply-To: <CAFU7BAQuNkHDRidjQqGbXySKJ1FCRKuAksDa0BHsvfGeG45k6g@mail.gmail.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.164.106.141]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/8ZvbiCd9q2B5gJpktal9G8fiD0Q>
Subject: Re: [IPsec] Fwd: New Version Notification for draft-colitti-ipsecme-esp-ping-01.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Mar 2024 09:25:41 -0000
Hi,
I've read the draft and I think I can understand the solution part. But please allow me to ask a stupid question about the motivation or use case, because I'm a little confused about that.
I feel that the problem of IPv6 ESP traverse failure, as described in the draft and presentation slides, is because of NAT. IKEv2 already supports the detection of NAT. After the detection of NAT, the peers can use IP + UDP (4500) + ESP to traverse the NAT. Are there some use cases that this existing solution doesn't work and this draft tries to solve? Or, are there some use cases that IKEv2 fails in detecting the existence of NAT?
I can understand the advantages of native ESP described in the draft: 1) no keepalives or fewer keepalives, 2) no overhead of UDP header. Does this draft target the use cases where IP + UDP + ESP and IP + ESP can both work in the existence of NAT, and try to benefit from the native ESP?
Regards & Thanks!
Wei PAN (潘伟)
> -----Original Message-----
> From: IPsec <ipsec-bounces@ietf.org> On Behalf Of Jen Linkova
> Sent: Thursday, February 29, 2024 11:28 PM
> To: ipsec@ietf.org
> Cc: Lorenzo Colitti <lorenzo@google.com>; Michael Richardson
> <mcr+ietf@sandelman.ca>
> Subject: [IPsec] Fwd: New Version Notification for
> draft-colitti-ipsecme-esp-ping-01.txt
>
> -01 version shall address comments received since -00.
> The main change is that payload format is defined similarly to ICMPv6
> echo, and the draft now updates RFC4303, so ESP packets with SPI == 7
> or 8 and next header==59 are not considered to be dummy packets.
>
> Comments are appreciated!
>
>
> ---------- Forwarded message ---------
> From: <internet-drafts@ietf.org>
> Date: Fri, Mar 1, 2024 at 2:24 AM
> Subject: New Version Notification for
> draft-colitti-ipsecme-esp-ping-01.txt
> To: Jen Linkova <furry13@gmail.com>, Lorenzo Colitti
> <lorenzo@google.com>, Michael Richardson
> <mcr+ietf@sandelman.ca>
>
>
> A new version of Internet-Draft draft-colitti-ipsecme-esp-ping-01.txt
> has been successfully submitted by Jen Linkova and posted to the IETF
> repository.
>
> Name: draft-colitti-ipsecme-esp-ping
> Revision: 01
> Title: ESP Echo Protocol
> Date: 2024-02-29
> Group: Individual Submission
> Pages: 7
> URL:
> https://www.ietf.org/archive/id/draft-colitti-ipsecme-esp-ping-01.txt
> Status:
> https://datatracker.ietf.org/doc/draft-colitti-ipsecme-esp-ping/
> HTML:
> https://www.ietf.org/archive/id/draft-colitti-ipsecme-esp-ping-01.html
> HTMLized:
> https://datatracker.ietf.org/doc/html/draft-colitti-ipsecme-esp-ping
> Diff:
> https://author-tools.ietf.org/iddiff?url2=draft-colitti-ipsecme-esp-ping-
> 01
>
> Abstract:
>
> This document defines an ESP echo function which can be used to
> detect whether a given network path supports IPv6 ESP packets.
>
>
>
> The IETF Secretariat
>
>
>
>
> --
> Cheers, Jen Linkova
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] Fwd: New Version Notification for draft-c… Jen Linkova
- Re: [IPsec] Fwd: New Version Notification for dra… Panwei (William)
- Re: [IPsec] Fwd: New Version Notification for dra… Michael Richardson
- Re: [IPsec] Fwd: New Version Notification for dra… Panwei (William)
- Re: [IPsec] Fwd: New Version Notification for dra… Michael Richardson
- Re: [IPsec] Fwd: New Version Notification for dra… Panwei (William)
- Re: [IPsec] Fwd: New Version Notification for dra… Paul Wouters
- Re: [IPsec] Fwd: New Version Notification for dra… Michael Richardson
- Re: [IPsec] Fwd: New Version Notification for dra… Panwei (William)
- Re: [IPsec] Fwd: New Version Notification for dra… Panwei (William)
- Re: [IPsec] Fwd: New Version Notification for dra… Michael Richardson
- Re: [IPsec] Fwd: New Version Notification for dra… Lorenzo Colitti
- Re: [IPsec] Fwd: New Version Notification for dra… Michael Richardson
- Re: [IPsec] Fwd: New Version Notification for dra… Panwei (William)
- Re: [IPsec] Fwd: New Version Notification for dra… Kan-Ru Chen