Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)

"Haddad, Wassim Michel" <> Mon, 17 November 2008 20:58 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id CFF3B28C0F5; Mon, 17 Nov 2008 12:58:27 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id EA78628C0F7 for <>; Mon, 17 Nov 2008 12:58:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.598
X-Spam-Status: No, score=-102.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id RmfFUjlovMgo for <>; Mon, 17 Nov 2008 12:58:26 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id B51AC28C0F2 for <>; Mon, 17 Nov 2008 12:58:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=qcdkim; t=1226955506; x=1258491506; h=from:to:cc:date:subject:thread-topic:thread-index: message-id:in-reply-to:accept-language:content-language: x-ms-has-attach:x-ms-tnef-correlator:acceptlanguage: content-type:mime-version:x-ironport-av; z=From:=20"Haddad,=20Wassim=20Michel"=20<whaddad@qualcomm. com>|To:=20Arnaud=20Ebalard=20<>,=20IETF =20MEXT=20WG=20ML=20<>|CC:=20Mobopts=20IRTF =20WG=20ML=20<>,=0D=0A=20=20=20=20=20=20 =20=20"Haddad,=20Wassim=20Michel"=0D=0A=09<whaddad@qualco>|Date:=20Mon,=2017=20Nov=202008=2012:57:23=20-0800 |Subject:=20Re:=20[Mobopts]=20MIPv6=20IPsec=20Route=20Opt imization=20(IRO)|Thread-Topic:=20[Mobopts]=20MIPv6=20IPs ec=20Route=20Optimization=20(IRO)|Thread-Index:=20AclIjx3 hkebhNUm7Qh6vLV5ld4PmOwAZ/i2x|Message-ID:=20<C54744E3.6A5>|In-Reply-To:=20<87d4guwy7y.fsf@na>|Accept-Language:=20en-US|Content-Language:=20 en|X-MS-Has-Attach:|X-MS-TNEF-Correlator:|acceptlanguage: =20en-US|Content-Type:=20multipart/alternative=3B=0D=0A =09boundary=3D"_000_C54744E36A58whaddadqualcommcom_" |MIME-Version:=201.0|X-IronPort-AV:=20E=3DMcAfee=3Bi=3D"5 100,188,5436"=3B=20a=3D"13206048"; bh=xt+AoEUMr2bXaDVnTlDyZNuE+/l837GhX72IOLuQ8KE=; b=m1layU57nc6IQSuuW80xfl49DH/VWWu7uuCxhWNlRzb/2u9GmmJHeene dyzVNeOiy25+w/OCIkAzM38vpaChsoKJA9Kx2thEJaHudavGyZpaWMj3K 82Gj906J6TEanw2n9BXmpdfzPsXM0QlywncUzioNDtvBPv9XhxjZKcD0T A=;
X-IronPort-AV: E=McAfee;i="5100,188,5436"; a="13206048"
Received: from (HELO ([]) by with ESMTP/TLS/DHE-RSA-AES256-SHA; 17 Nov 2008 12:57:26 -0800
Received: from ( []) by (8.14.2/8.14.2/1.0) with ESMTP id mAHKvPBY028493 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 17 Nov 2008 12:57:26 -0800
Received: from ( []) by (8.14.2/8.14.2/1.0) with ESMTP id mAHKvPfs011627 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Mon, 17 Nov 2008 12:57:25 -0800
Received: from ([]) by ([]) with mapi; Mon, 17 Nov 2008 12:57:24 -0800
From: "Haddad, Wassim Michel" <>
To: Arnaud Ebalard <>, IETF MEXT WG ML <>
Date: Mon, 17 Nov 2008 12:57:23 -0800
Thread-Topic: [Mobopts] MIPv6 IPsec Route Optimization (IRO)
Thread-Index: AclIjx3hkebhNUm7Qh6vLV5ld4PmOwAZ/i2x
Message-ID: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en
acceptlanguage: en-US
MIME-Version: 1.0
Cc: Mobopts IRTF WG ML <>
Subject: Re: [Mobopts] MIPv6 IPsec Route Optimization (IRO)
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobility Optimizations <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: multipart/mixed; boundary="===============0928170649=="

On 11/17/08 3:30 AM, "Arnaud Ebalard" <> wrote:


Sorry for crossposting but the topic discussed in the draft may be of
interest for people of the 3 lists.

> IETF I-D Submission Tool <> writes:
> A new version of I-D, draft-ebalard-mext-ipsec-ro-00.txt has been
> successfuly submitted by Arnaud Ebalard and posted to the IETF
> repository.
> Filename:      draft-ebalard-mext-ipsec-ro
> Revision:      00
> Title:         Mobile IPv6 IPsec Route Optimization (IRO)
> Creation_date: 2008-11-17
> WG ID:         Independent Submission
> Number_of_pages: 44
> Abstract:
> This memo specifies an improved alternate route optimization procedure
> for Mobile IPv6 designed specifically for environments where IPsec is
> used between peers (most probably with IKE). The replacement of the
> complex Return Routability procedure for a simple mechanism and the
> removal of HAO and RH2 extensions from exchanged packets result in
> performance and security improvements.

I have just submitted a new I-D [1] which certainly requires an
introduction (and disclaimer): it specifies a MIPv6 Route Optimization
procedure *dedicated* to environments where IPsec/IKE is used between
peers (MN-HA, MN-CN, MN-MN) for protecting both signaling and data

Some of the improvements provided by this "IPsec Route Optimization"
mechanism (IRO) are also proposed for the IPsec communications between
the MN and its HA.

Among the features provided by IRO (introduction of the document as
a more accurate list):

  * Complete removal of RH2 and HAO (resulting in simplified packet
    handling on both sides and possibly better compatibility with
    filtering implemented in the network),

=> You can have complete removal of both options without introducing a new RO mode.
Please check


Wassim H.

Mobopts mailing list