[IPsec] Re: IPSEC and packet reordering
Ingemar Johansson S <ingemar.s.johansson@ericsson.com> Thu, 05 March 2026 09:40 UTC
Return-Path: <ingemar.s.johansson@ericsson.com>
X-Original-To: ipsec@mail2.ietf.org
Delivered-To: ipsec@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 3E96FC4C8014 for <ipsec@mail2.ietf.org>; Thu, 5 Mar 2026 01:40:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=ericsson.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 08jCUJotOl0T for <ipsec@mail2.ietf.org>; Thu, 5 Mar 2026 01:40:34 -0800 (PST)
Received: from GVXPR05CU001.outbound.protection.outlook.com (mail-swedencentralazon11013062.outbound.protection.outlook.com [52.101.83.62]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 52D56C4C7FCA for <ipsec@ietf.org>; Thu, 5 Mar 2026 01:40:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=yD/AJAtX5QbFbIpwdY7Ej1GE20h6IMpjw6okypvA6DMp0BDuoqlMZiuXFslkCai+AMUxp3Hf8Pt0BhixR9e6yFoj7qrBiAjDrsDRo2vzMmMxDpzyOu4o5ssTQ4DC0ItHZhiHNTZ8f5nRa2RKml/P96da9RvXd9IkV3oA7lWCVGR2gGPnb5DDxPlVdte4XWQFA0hxBVKuFRvmVN/puNYNnaCs6UGCeG2Jj5YT/hfCtFH1ttsPBCWRIS6qFS4EQ/HkNhL5CgTeIJ7UbPzl11MNwuj58vI5/l2ZJ6hiE9J1gmuNoYeHUEPLPzGrdtI3PIhdU4zZ85FgqCxCdcbRMNIV3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CmkbxQvArg23V3KaRdeKLGWwcQkU8oRX00dyLG8HRfk=; b=O53J8be+lJs6heAQnkxa35EUu9+N3st0JmwYbmJifsc8W82XiJCb0i4g1NryKecwQUvAEquX8rcE6CBwrjRRU1B1ydrmMcelpndLoPGztXp2l+bVqpev8wF0IXJAYlzOSrOimM8CoxpKXyP9UTDFZAa0Mf4Mhj0E/ao4tnQoV1d0dfiXB8k8g+goVj+D+fp5btc0mX35wwc+vPErI2bNPENyzE2IShvb3aS5Qs1JJi/8RHzMVvD6Lk4v01UZsIk7HFZbcUcfKHnRh9FcsGhALbTqSXhNqmx92Zn0LwkqBAzJkHyYco+5GCUGMNE3uV3jKrbagaa2xpGIqL79C3ViKg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CmkbxQvArg23V3KaRdeKLGWwcQkU8oRX00dyLG8HRfk=; b=i6Vz1E85Boq9kMN5//B8iH2LuXRQDn1U70lbKAsJ3eOuFME9YH6DRyNaAYFu0sMx6uxg6+vnKChLfY6/2XSDgFlgIf7AxyBgnVtZwdrYWhoIosc6OpOaWolSLrV5nFLhHyUaaQtRdwjV4A5lEWnRLzhPyev42ZM8KE3OLR8KSkR/DuoHQ7z2ACp5qy7/8xKMUF6CMRHkel7arhtexObD7GrKCPFM+CMYbaPStHT/kiU2WilIvz1jTXzTpAg6rQOLrz6Msh9CbH/uPMK+AkVywN0hB5ujHsXHYTA17Ja9+cybQ1eCSe4m9YGevCqY0hpubGaYnjp69LUywqGpcQadEQ==
Received: from AM8PR07MB8137.eurprd07.prod.outlook.com (2603:10a6:20b:36c::18) by GV1PR07MB9045.eurprd07.prod.outlook.com (2603:10a6:150:a3::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9678.17; Thu, 5 Mar 2026 09:40:19 +0000
Received: from AM8PR07MB8137.eurprd07.prod.outlook.com ([fe80::ac3:5402:b26f:c15d]) by AM8PR07MB8137.eurprd07.prod.outlook.com ([fe80::ac3:5402:b26f:c15d%4]) with mapi id 15.20.9678.016; Thu, 5 Mar 2026 09:40:19 +0000
From: Ingemar Johansson S <ingemar.s.johansson@ericsson.com>
To: "ipsec@ietf.org" <ipsec@ietf.org>
Thread-Topic: Re : IPSEC and packet reordering
Thread-Index: Adysei8iPlRntzc5TiKy/0KVkBEdZA==
Date: Thu, 05 Mar 2026 09:40:19 +0000
Message-ID: <AM8PR07MB81378DB1A249E713C72BB4A3C27DA@AM8PR07MB8137.eurprd07.prod.outlook.com>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: AM8PR07MB8137:EE_|GV1PR07MB9045:EE_
x-ms-office365-filtering-correlation-id: 6da388cf-319d-49f2-0db6-08de7a9b3706
x-ld-processed: 92e84ceb-fbfd-47ab-be52-080c6b87953f,ExtAddr
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|6049299003|376014|1800799024|38070700021|4053099003|13003099007|8096899003;
x-microsoft-antispam-message-info: 1GA9zI3XOiuzjpr1x+ydHIMqba1YQNTdJ+OkRGvv3Q3SOWeuAaPfR+28fJItOSYuiM54XqC78cXb14LM5tq1eeRkhumKHeko7NZGU1oDleZkcM3euBIaHW14fQQMH9rtIviMFgn1YtxwVVNACpDeg6yXFYlrCvUECY6pc2PXQ6kH5pfzHDGWeL3x1V2ryKM5VgFo5Fc41Nsm1slBPZQ7VWKDG/T9fo72vHgLTIHhPxNspBFjKPZlpkceopea2qFM07PXot+FrHliarQBp6bQa5aA0+8e7+tbsVwQtafnR8cODg9dsrFRuHUjgTIhb+v11PozeknP9ZTa2EI5CXFotFV07sQ35Gh0RA0du1p5vyK0vzupMCmT5N4tznkQ2d24nUv46iglj1IWl4Ii0YP8JTRIQ3rbFRPsolO2Ku+leJjeS0HNq3wIgguxA+2cqrMGJ12a4522np7PzsR0E9xjleWbya7qzFIOBwxk+C+l/MB/dX4FreHPloHzZ58V+eaz0pIELuJwPd6gboA4ByEU6V7JQwpJ0avxNlHdSPHdkzHfejNdkoWG1OiwaclVBZlsvUZtE3bRhn4UHzU85iV0VHysKKdljoECHSW9eIqi27y/MP1AgeNRBJRnGSDCRIaQxEO/SoKGCsBcyQ0tEip5PdMtJ+7zDhjdDNqNtken7MIT7kqips/QVd6mdJRSQ4XtOr2+TEbKePj9fxXIgeb7vIDnXlM7GGIxsCaER+CbfZOqLD2XkGWSghg6EBV+L8AY
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM8PR07MB8137.eurprd07.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(6049299003)(376014)(1800799024)(38070700021)(4053099003)(13003099007)(8096899003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: QpAD9m8yaUtb1LFhvEleKiyOI2/jwyLlFklXtRAXZ4ECbIQ3XrK9EXwe1wnFgcVX9RAR+RvX6does4xQ984nZ+WSQFJIhOVaHsFrYX7WbXLR8CaiT5aMx8JrC+/3vSRPpmv6ZWHSwqOKqwwEbM3CDKmA2JRSgMp23E75E8mHhIj6pcjwaCIUjsM6xKJ9nMjefULc18kudZ3Tfda8QmGYaD6z/GfGPkwJ+EyYMcj/jnuigc9YihamtS0SWjA9qqscblbLbYApf8k1SAF4v6qNNDR0pWTy29rYLkEKlRDUonFL7CxGQAymGfKEAvmrLFES4wX/VclAeVEPP+lKLJCrVw8LSdpdn8kO95vss21h+0yOB52z3xP4RP28ZkwZupWQFcIa42jzIpVVcKoeUV9k36jfuGmr4oavsxqTHOQVsXmFhChIYhXO22ExmYvFUgkhw7tnml2BEZmS04466fNXM4UnVD1UjUdd5NinlVkXbpSuRXKxq3kWc/ocXaGVpRtR5oLNuy31gc4EXWFmkZ0emtSXBFtcrJ6U2BkoUKrvm2+wYCOMZaztmEkuFtelkaU7eDI5ovP2KdSYh/yTGs6dh6BZ7NBAFTDWJoay0/hI3N1SY+ikNhhGblJEda6MTeNLW66k38LELHE9tWdiamHZZ8HbzrCWsLepoKnIhbxClki7N4WtUebyltRmIbSINrDhbBLDh7xMjzQEO25BBju84efcC8/enBk+xaeTRZCcxS3LSgcvBILB6fX4KEx1mZJobSbMgQkLclJfdSMLd+XOL9Dfk4I6VXRwvbbXeYRFfPdckqe3kQAYp4IywbpHUxHqWMYPD2NEK+VxFi/HDKpevMPpUaykmMkkScUhOYqRbTU2h4aW4EQSvQQqvyqO1eEuECUaKxnEvO+r7BM9h/cewi6b5YBZWAKERsj1H6ZF03ViKBkkh3PYi335tJyIq6j3kG/4c7fpI/2SWW3q30C/mCTosfwiGS4lwuQQFiG7uN8FHIToJm9WoWlPyJ+XMTsndkz5xRebYeFIPLkC94I9l+naAKKneBZGuULZ6+QvP1d5bLkkGbCAHjKWOxkaKrpMcM/6Ax5f7/PwwmhX5p8WvY4F9m1erLjPavJtm1xWbAc/5xRXQERmFQwVl0zuyjbXHZ0mFgmEEUYyM5fhDOVispx3LQFrUSJ3/46i4LP14mgflsB+4CFX5BH3UVuMHN7aMkv3PMzf5WJgZObz8Eg7yo8LLKrWf0cV/5QdI7Joh9fEypWQ+1e0HstUBAsPQMw+JGpwh3Lf/yl2prGuEnPYmRxq4z/vXtM0IrNqOrNtC/qbY8+fjYrmjSfCoDiy27MFVX+3su7FUrvhl5e4aph9QXlYkXEojfLgwSBnRoRrz+rLHjwbUyuLsu/q0vzlh2TmUETeYcnAjN5cRvj7nyG6AZ83HA3KSSTDpEYviCzazG7QWIxeiFpspZdbEg9afdzoTyJCAaeerLtLTBMjSFjrK9kspbojDMMXMsyITbNbjTZ+Vq/d6UOcRDZQ7/qONzezb2eTju8gtF/g6NIhZQ2haP6Tg8ZtOQDm00U/jeOoL5PFIoe0JTKUe/cK7WRG6quWOgENWQ8OqPT9wZfR5Je3SYLns2ag/VL6LAfYLIgHERyt5Y3lufhg3iUVhfecZSCBeEq4k4yv1PUTbOpMzpVZRM5G+1jhOY7QDRfSyogy/3by5AAcSTglzwWikMrWdmtJ1SLWkBGF2/WBPF3fr+osV8TlcBD6tlxLIXFhrmjoGKY=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_0372_01DCAC8C.75887BB0"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM8PR07MB8137.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6da388cf-319d-49f2-0db6-08de7a9b3706
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Mar 2026 09:40:19.3977 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ujuo6U8plwQbrzm+gbEDuDKV4jDRVOK10MJvryT9RZFoMKFLHzfUdvix9l51wcTHt7DVtRm5mmcK3HQLLottowGMsTLtDm97L307N0Z1xUCErDQdYHY+edUV842ogTeZ
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR07MB9045
Message-ID-Hash: IQ2EPVL5WLKZ4KI4QWKJTQTHMYVP6EGT
X-Message-ID-Hash: IQ2EPVL5WLKZ4KI4QWKJTQTHMYVP6EGT
X-MailFrom: ingemar.s.johansson@ericsson.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ipsec.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Greg White <g.white@cablelabs.com>, Chris Box <chris.box@bt.com>, "chris.box.ietf@gmail.com" <chris.box.ietf@gmail.com>, "dibakar.das@intel.com" <dibakar.das@intel.com>, "Dmitry.Akhmetov@intel.com" <dmitry.akhmetov@intel.com>, Ingemar Johansson S <ingemar.s.johansson@ericsson.com>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [IPsec] Re: IPSEC and packet reordering
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/eo1C-lU_kaUkTIWiZ6K2rYVpRTI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Owner: <mailto:ipsec-owner@ietf.org>
List-Post: <mailto:ipsec@ietf.org>
List-Subscribe: <mailto:ipsec-join@ietf.org>
List-Unsubscribe: <mailto:ipsec-leave@ietf.org>
Hi I re-listened in on the presentation by Chris Box at the IPSECME session at IETF-124 https://www.youtube.com/watch?v=ZwfypFEEcYY <https://www.youtube.com/watch?v=ZwfypFEEcYY&t=6866s> &t=6866s The title was “Proposal for updates to Guidance on Packet Reordering”, with the accompanying IETF draft https://datatracker.ietf.org/doc/draft-white-intarea-reordering/ The topic of packet reordering has recently been brought up in the 3GPP RAN2 working group where HoL blocking due to link layer retransmission and and resequencing in 3GPP is seen as an issue. https://www.3gpp.org/ftp/tsg_ran/WG2_RL2/TSGR2_133/Docs/R2-2600101.zip Removing or modifying the resequencing in cellular networks would remedy the issue presented in the document. The question is how IPSEC in particular would manage this ?. The discussion at the end of the IPSECME session gave some insight but I am not sure that it gave any conclusive message. So please comment on what can be recommended/tolelated in terms of packet reordering from an IP SEC perspective. Regards Ingemar + other authors of draft-white-intarea-reordering ================================= Ingemar Johansson M.Sc. Master Researcher Ericsson Research GFTL ER NAP NCM Netw Proto & E2E Perf Laboratoriegränd 11 977 53, Luleå, Sweden +46-73 078 3289 <mailto:ingemar.s.johansson@ericsson.com> ingemar.s.johansson@ericsson.com <http://www.ericsson.com/> www.ericsson.com Experience is merely the name men gave to their mistakes. Oscar Wilde =================================
- [IPsec] Re: IPSEC and packet reordering Ingemar Johansson S
- [IPsec] Re: IPSEC and packet reordering Ingemar Johansson S
- [IPsec] Re: IPSEC and packet reordering Koning, Paul
- [IPsec] Re: IPSEC and packet reordering Ingemar Johansson S