Re[2]: PPP over IPSec (without L2TP)?
Jim Tiller <tiller_j@ins.com> Thu, 14 October 1999 18:44 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id LAA25375; Thu, 14 Oct 1999 11:44:40 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id MAA29688 Thu, 14 Oct 1999 12:56:54 -0400 (EDT)
Date: Thu, 14 Oct 1999 12:53:57 -0400
From: Jim Tiller <tiller_j@ins.com>
X-Mailer: The Bat! (v1.34a) S/N 569FD297
Reply-To: Jim Tiller <tiller_j@ins.com>
Organization: INS
X-Priority: 3 (Normal)
Message-ID: <6537.991014@ins.com>
To: "Shriver, John" <john.shriver@intel.com>
CC: 'Ari Huttunen' <Ari.Huttunen@datafellows.com>, ietf-ipsra@vpnc.org, ipsec@lists.tislabs.com
Subject: Re[2]: PPP over IPSec (without L2TP)?
In-reply-To: <392A357CE6FFD111AC3E00A0C99848B001D6A3CA@hdsmsx31.hd.intel.com>
References: <392A357CE6FFD111AC3E00A0C99848B001D6A3CA@hdsmsx31.hd.intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
Hello John, Shriver> L2TP provides the prevention of packet reordering that is REQUIRED by PPP. Shriver> The PPP protocol assumes that packets under it will never be reordered. PPP Shriver> would not work directly on top of IPSec, since IPSec does not offer a Shriver> service with any assurance of packet ordering. Excuse my ignorance, but doesn't IPSec and IP handle this in layer three and four? I'm personally torn on the use of L2TP over IPSec, I see certain implementations that can benefit, but the reasons MS gives do not impress me. Any comments are welcome. AtDhVaAnNkCsE Best regards, Jim Tiller, CISSP, MCSE+I, CCDA james_tiller@ins.com Network Security Consultant, INS Tampa, Florida "Faber est suae quisque fortunae." - Appius Claudius Caecus Thursday, October 14, 1999, 8:33:51 AM, you wrote: Shriver> L2TP provides the prevention of packet reordering that is REQUIRED by PPP. Shriver> The PPP protocol assumes that packets under it will never be reordered. PPP Shriver> would not work directly on top of IPSec, since IPSec does not offer a Shriver> service with any assurance of packet ordering. Shriver> The optional flow control for L2TP can also be used wisely to provide better Shriver> performance (lower packet loss). Shriver> Also, on Windows Dial-Up Networking, it provides a comfortable user model. Shriver> This is not to be taken lightly.
- PPP over IPSec (without L2TP)? Ari Huttunen
- RE: PPP over IPSec (without L2TP)? Shriver, John
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- Re: PPP over IPSec (without L2TP)? Scott G. Kelly
- Re[2]: PPP over IPSec (without L2TP)? Jim Tiller
- Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- RE: Re[2]: PPP over IPSec (without L2TP)? Shriver, John
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- Re[2]: PPP over IPSec (without L2TP)? Jim Tiller
- Re[6]: PPP over IPSec (without L2TP)? Jim Tiller
- Re[4]: PPP over IPSec (without L2TP)? Jim Tiller
- RE: Re[4]: PPP over IPSec (without L2TP)? Shriver, John
- Re: PPP over IPSec (without L2TP)? Scott G. Kelly
- Re: PPP over IPSec (without L2TP)? Pyda Srisuresh
- RE: Re[2]: PPP over IPSec (without L2TP)? Bernard Aboba
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- RE: Re[2]: PPP over IPSec (without L2TP)? Pyda Srisuresh
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- RE: Re[2]: PPP over IPSec (without L2TP)? Pyda Srisuresh
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- Re: PPP over IPSec (without L2TP)? Paul Koning
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- Re: PPP over IPSec (without L2TP)? David Chen
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- Re: PPP over IPSec (without L2TP)? David Chen