Re: [ssm] SSM with IPSec
Brad Huntting <huntting@glarp.com> Wed, 15 January 2003 16:03 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA01093 for <ssm-archive@lists.ietf.org>; Wed, 15 Jan 2003 11:03:04 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h0FGHMJ21482; Wed, 15 Jan 2003 11:17:22 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h0FG9AJ20974 for <ssm@optimus.ietf.org>; Wed, 15 Jan 2003 11:09:10 -0500
Received: from hunkular.glarp.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA00758 for <ssm@ietf.org>; Wed, 15 Jan 2003 10:53:58 -0500 (EST)
Received: from hunkular.glarp.com (localhost [127.0.0.1]) by hunkular.glarp.com (8.12.6/8.12.6) with ESMTP id h0FFv5Lq041831; Wed, 15 Jan 2003 08:57:05 -0700 (MST) (envelope-from huntting@hunkular.glarp.com)
Message-Id: <200301151557.h0FFv5Lq041831@hunkular.glarp.com>
To: holbrook@cisco.com
cc: ssm@ietf.org, mbaugher@cisco.com, bew@cisco.com
Subject: Re: [ssm] SSM with IPSec
In-Reply-To: Your message of "Wed, 15 Jan 2003 01:25:34 EST." <20030115062534.076C910B869@holbrook-laptop.cisco.com>
Date: Wed, 15 Jan 2003 08:57:05 -0700
From: Brad Huntting <huntting@glarp.com>
Sender: ssm-admin@ietf.org
Errors-To: ssm-admin@ietf.org
X-BeenThere: ssm@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ssm>, <mailto:ssm-request@ietf.org?subject=unsubscribe>
List-Id: Source-Specific Multicast <ssm.ietf.org>
List-Post: <mailto:ssm@ietf.org>
List-Help: <mailto:ssm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ssm>, <mailto:ssm-request@ietf.org?subject=subscribe>
> The solution that I most like is fairly easy to state: require the > source address to be part of the SA lookup when the destination > address is an SSM address. Mark and Brian inform me that the msec > working group is looking at solving the problem this way. What if the destination address is not in the SSM range? For example: A host wishes to receive NTP (network time protocol) multicast traffic (destination address 224.0.1.1) from three specific hosts that it trusts (whether PIM-SSM can honor this request efficiently is, I think, a separate issue). I assume there is no global group `owner' for this well known address 224.0.1.1, so the SA for this traffic would, I suspect, need to be indexed by source and destination just like SSM. One could easily imagine similar situations for other group addresses. However, as you pointed out, it's probably not necessary that the SSM group solve this problem; at least not right away. brad _______________________________________________ ssm mailing list ssm@ietf.org https://www1.ietf.org/mailman/listinfo/ssm
- [ssm] SSM with IPSec Hugh Holbrook
- Re: [ssm] SSM with IPSec Brian Haberman
- Re: [ssm] SSM with IPSec Brad Huntting
- Re: Re: [ssm] SSM with IPSec Hugh Holbrook
- Re: [ssm] SSM with IPSec Mark Baugher
- Re: Re: [ssm] SSM with IPSec Toerless Eckert
- Re: Re: Re: [ssm] SSM with IPSec Hugh Holbrook
- Re: Re: Re: [ssm] SSM with IPSec Mark Baugher
- Re: Re: Re: [ssm] SSM with IPSec Toerless Eckert
- Re: Re: Re: [ssm] SSM with IPSec Mark Baugher
- Re: Re: Re: [ssm] SSM with IPSec Toerless Eckert