Hello,
RFC-4555 (IKEv2 Mobility and Multihoming Protocol (MOBIKE)) defines the extension of IKEv2 to support mobile users to offer seamless services when connected using IPSec and also the support for SCTP multi-homing in override mode. To support a load-share model for SCTP(2 associations) or for that matter for any transport protocol between 2 gateways/nodes, 2 IKEv2 tunnels are needed between the same pair of gw/nodes. According to the current standards, the same pair of gateways has to go through complete IKEv2 exchange twice(atleast 2, INIT and AUTH) to provide such a service. So, speaking the number of IKEv2 and IPSec tunnels needed between the gateways will increase with the increase in the amount of load-sharing and thus time to establish these tunnels. Going by the fact that the identity at both the gateways would be authenticated in the first tunnel establishment, is there a better way to achieve load-sharing? Regards, Prashant Batra
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
