Re: IKEv2: prepending four octets
Vinay K Nallamothu <vinay-rc@naturesoft.net> Wed, 19 March 2003 12:29 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA19554 for <ipsec-archive@lists.ietf.org>; Wed, 19 Mar 2003 07:29:28 -0500 (EST)
Received: by lists.tislabs.com (8.9.1/8.9.1) id FAA18304 Wed, 19 Mar 2003 05:12:00 -0500 (EST)
Subject: Re: IKEv2: prepending four octets
From: Vinay K Nallamothu <vinay-rc@naturesoft.net>
To: ipsec@lists.tislabs.com
In-Reply-To: <3E77FA94.1060006@roc.co.in>
References: <004001c2ed45$4536a290$292e1dc2@YnirNew> <3E77FA94.1060006@roc.co.in>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Ximian Evolution 1.0.8 (1.0.8-10)
Date: Wed, 19 Mar 2003 15:51:45 +0530
Message-Id: <1048069335.9648.262.camel@vinay.royalchallenge.com>
Mime-Version: 1.0
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
Content-Transfer-Encoding: 7bit
On Wed, 2003-03-19 at 10:35, ravi wrote: > IKEv2 is being defined fresh. Why can't we use port 500 for the purpose of > NAT Traversal. If we make this packet also containing first four bytes after > UDP header as 0s in case of IKE packet, then there is no need for port 4500 This is to avoid any IKE aware NAPT devices present in between playing smart. These devices make use of the SPI field to uniquely identify the source behind the NAPT. For more details please go through sections 9.1 to 9.3 of draft-ietf-ipsec-ikev2-tutorial-01.txt. Hope this helps vinay > > --Ravi > > >Hope this helps > > > >Yoav > > > >-----Original Message----- > >From: owner-ipsec@lists.tislabs.com > >[mailto:owner-ipsec@lists.tislabs.com]On Behalf Of ravi > >Sent: Tuesday, March 18, 2003 10:11 AM > >To: ipsec@lists.tislabs.com > >Subject: IKEv2: prepending four octets > > > > > >Dear All, > >I am going through the ikev2-0.5 draft.It says > >In the IKE header when sent on UDP port 4500 ,IKE messages have > >prepended four octets of Zero. > > > >My doubt is what made to prepend four octets of Zeroes before the IKE > >message. > >Thanks in advance, > >Ravi Kumar CH. > > > > > > > > > > > > >
- RE: IKEv2: prepending four octets Yoav Nir
- IKEv2: prepending four octets ravi
- Re: IKEv2: prepending four octets ravi
- Re: IKEv2: prepending four octets Vinay K Nallamothu
- RE: IKEv2: prepending four octets Yoav Nir
- Re: IKEv2: prepending four octets Ravi
- Re: IKEv2: prepending four octets Tero Kivinen
- RE: IKEv2: prepending four octets Yoav Nir
- Re: IKEv2: prepending four octets Ravi
- Re: IKEv2: prepending four octets Francis Dupont
- Re: IKEv2: prepending four octets Ravi