RE: Re[4]: PPP over IPSec (without L2TP)?
"Shriver, John" <john.shriver@intel.com> Thu, 14 October 1999 22:18 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id PAA29014; Thu, 14 Oct 1999 15:18:04 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id PAA00847 Thu, 14 Oct 1999 15:41:13 -0400 (EDT)
Message-ID: <392A357CE6FFD111AC3E00A0C99848B001D6A3DB@hdsmsx31.hd.intel.com>
From: "Shriver, John" <john.shriver@intel.com>
To: 'Jim Tiller' <tiller_j@ins.com>, "Shriver, John" <john.shriver@intel.com>
Cc: 'Ari Huttunen' <Ari.Huttunen@datafellows.com>, ietf-ipsra@vpnc.org, ipsec@lists.tislabs.com
Subject: RE: Re[4]: PPP over IPSec (without L2TP)?
Date: Thu, 14 Oct 1999 12:23:21 -0700
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2448.0)
Content-Type: text/plain; charset="iso-8859-1"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
> -----Original Message----- > From: Jim Tiller [mailto:tiller_j@ins.com] > Sent: Thursday, October 14, 1999 3:09 PM > To: Shriver, John > Cc: 'Ari Huttunen'; ietf-ipsra@vpnc.org; ipsec@lists.tislabs.com > Subject: Re[4]: PPP over IPSec (without L2TP)? > > > OK, but I keep choking on one aspect. > > If PPP is encapsulated into L2TP, which basically assumes the > form of an IP packet (right?) Doesn't the same issues of > reordering exist? Eliminate IPSec for a second. I'm > obviously not an L2TP dude, but I'm aware of in-band > controls within L2TP that provide the options to the > passenger protocol(s). See section 5.4 of L2TP. Of course, sequencing is optional. > I guess my misunderstanding revolves > around that if a packet is ultimately forwarded through an > IP network, the odds of packets arriving at the destination > in the wrong order are high. At that point don't the > packets get reordered by the IP stack of the receiving system > and then passed up the stack? At that point aren't the PPP > LCPs and NCPs reordered inherently prior to de-encapsulation? No. The IP and UDP layers under L2TP don't do any correction of re-ordered packets. That is not part of the service contracto or IP or UDP, only of TCP, which isn't involved. > Please be patient with me, I know I'm missing a critical > step and completely over simplifying the process. > I just don't see the need for L2TP > over IPSec, it's not sticking. > L2TP is heavier than what was needed. It has a whole multiplexing layer for many connections over one LAC/LNS connection, and there will only be one. But, it is a standards-track protocol. That's a plus, whether it's the ideal protocol or not. (It's not a standard by fiat like MS-CHAP.) It also made it easier for Microsoft to integrate IPSec/VPN functionality into Windows 2000. The IPSec community gains by having such a widely available IPSec implementation.
- PPP over IPSec (without L2TP)? Ari Huttunen
- RE: PPP over IPSec (without L2TP)? Shriver, John
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- Re: PPP over IPSec (without L2TP)? Scott G. Kelly
- Re[2]: PPP over IPSec (without L2TP)? Jim Tiller
- Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- RE: Re[2]: PPP over IPSec (without L2TP)? Shriver, John
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- Re[2]: PPP over IPSec (without L2TP)? Jim Tiller
- Re[6]: PPP over IPSec (without L2TP)? Jim Tiller
- Re[4]: PPP over IPSec (without L2TP)? Jim Tiller
- RE: Re[4]: PPP over IPSec (without L2TP)? Shriver, John
- Re: PPP over IPSec (without L2TP)? Scott G. Kelly
- Re: PPP over IPSec (without L2TP)? Pyda Srisuresh
- RE: Re[2]: PPP over IPSec (without L2TP)? Bernard Aboba
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- RE: Re[2]: PPP over IPSec (without L2TP)? Pyda Srisuresh
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- RE: Re[2]: PPP over IPSec (without L2TP)? Pyda Srisuresh
- RE: Re[2]: PPP over IPSec (without L2TP)? Stephen Kent
- Re: PPP over IPSec (without L2TP)? Paul Koning
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- Re: PPP over IPSec (without L2TP)? David Chen
- Re: PPP over IPSec (without L2TP)? Ari Huttunen
- Re: PPP over IPSec (without L2TP)? David Chen