RE: Re[2]: PPP over IPSec (without L2TP)?

"Shriver, John" <john.shriver@intel.com> Thu, 14 October 1999 19:16 UTC

Message-ID: <392A357CE6FFD111AC3E00A0C99848B001D6A3D4@hdsmsx31.hd.intel.com>
From: "Shriver, John" <john.shriver@intel.com>
To: 'Jim Tiller' <tiller_j@ins.com>
Cc: 'Ari Huttunen' <Ari.Huttunen@datafellows.com>, ietf-ipsra@vpnc.org, ipsec@lists.tislabs.com
Subject: RE: Re[2]: PPP over IPSec (without L2TP)?
Date: Thu, 14 Oct 1999 10:19:37 -0700


> From: Jim Tiller [mailto:tiller_j@ins.com]
> Sent: Thursday, October 14, 1999 12:54 PM
> To: Shriver, John
> Cc: 'Ari Huttunen'; ietf-ipsra@vpnc.org; ipsec@lists.tislabs.com
> Subject: Re[2]: PPP over IPSec (without L2TP)?
> 
> Excuse my ignorance, but don't IPSec and IP handle this in
> layer three and four? I'm personally torn on the use of L2TP
> over IPSec; I see certain implementations that can benefit,
> but the reasons MS gives do not impress me.
> Any comments are welcome.
> 

Well, for the DATA path, PPP itself has no concerns about packet reordering.
IP over PPP could care less.

But, some of the protocols over PPP care very much about reordering.  IEEE
802.1D bridging assumes essentially no possibility of reordering, so BCP
over PPP has to assume that what is under PPP will not reorder.

But, the big problem is the entire PPP negotiation state machine.  (The
CONTROL path.)  It is absolutely designed on the assumption that the data
link underneath will never reorder packets.  Suppose an NCP Config-Ack was
sent by an IPCP Config-Request.  If they were swapped in transit, the IPCP
packet would be received before NCP was up.

Also, the Van Jacobson TCP header compression really benefits greatly from
being informed of packet loss at the receiver.  L2TP can provide some hint
of that.

------------- End Forwarded Message -------------
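
An added example, not part of the original message: a simplified PPP receiver that shows the control-path reordering problem described above, and how a per-packet tunnel sequence number (as L2TP's optional Ns field provides) restores order and exposes loss. It assumes the scenario is an LCP Configure-Ack followed by an IPCP Configure-Request, that the receiver's LCP is already in Ack-Sent, and that there is no authentication phase; the class and function names and the sample frames are constructed for illustration.

```python
from dataclasses import dataclass

LCP, IPCP = 0xC021, 0x8021      # PPP protocol numbers
CONF_REQ, CONF_ACK = 1, 2       # Configure-Request / Configure-Ack codes

@dataclass(frozen=True)
class Frame:
    ns: int     # tunnel sequence number (constructed, L2TP-style Ns)
    proto: int
    code: int

class PppReceiver:
    """Simplified receiver: LCP starts in Ack-Sent, no authentication phase."""
    def __init__(self):
        self.lcp_opened = False
        self.accepted, self.discarded = [], []

    def receive(self, frame):
        if frame.proto == LCP and frame.code == CONF_ACK:
            self.lcp_opened = True              # Ack-Sent + Configure-Ack -> Opened
            self.accepted.append(frame)
        elif frame.proto != LCP and not self.lcp_opened:
            self.discarded.append(frame)        # RFC 1661: non-LCP is silently
        else:                                   # discarded until LCP is Opened
            self.accepted.append(frame)

def resequence(frames, first_ns=0):
    """Return (frames in Ns order, list of missing Ns values).
    Batch version for clarity; ignores 16-bit sequence wrap."""
    by_ns = {f.ns: f for f in frames}
    ordered, missing = [], []
    for ns in range(first_ns, max(by_ns, default=first_ns - 1) + 1):
        if ns in by_ns:
            ordered.append(by_ns[ns])
        else:
            missing.append(ns)                  # loss hint, e.g. for VJ decompression
    return ordered, missing

def run(frames):
    rx = PppReceiver()
    for frame in frames:
        rx.receive(frame)
    return rx

# Constructed sample traffic: what the peer sent, and what a reordering path delivered.
SENT = [Frame(0, LCP, CONF_ACK), Frame(1, IPCP, CONF_REQ)]
SWAPPED = [SENT[1], SENT[0]]

if __name__ == "__main__":
    print("in order :", len(run(SENT).discarded), "discarded")
    print("swapped  :", len(run(SWAPPED).discarded), "discarded")
    print("reordered:", len(run(resequence(SWAPPED)[0]).discarded), "discarded")
```

In the swapped case the IPCP Configure-Request is dropped and the peer must wait for its restart timer before retransmitting, which is the stall the negotiation state machine was never designed to expect.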