Vishwas, I think I see where you're headed.
The text under discussion is: Routing using the tunnels SHOULD work seamlessly without any updates to the higher level application configuration i.e. OSPF configuration, when the tunnel parameter changes. I read this a requirement being placed on the higher level protocol, but I believe your intent was on the solution. How about rephrasing along the lines of a requirement on the ADVPN solution? Perhaps something like: The ADVPN solution SHOULD NOT increase the amount of information required to configure protocols running over IPsec tunnels. Lou On 12/6/2012 1:55 PM, Vishwas Manral wrote: > Hi Lou, > > I have included the other comments. The last one remaining is: > > > VM> I think this is an important requirement. A tunnel should be > able to > > provide an interface by which when tunnel IP parameters change we > do not > > have to change any configuration for higher application like > Routing. I > > had earlier mentioned in more generic terms earlier but changed to the > > terms provided based on feedback from the list. > > What higher level protocols like most routing protocols that use the > tunnel interface IP addresses in operation? > > > > > The entire idea is the with scale configuration needs to be > reduced and > > that needs to happen across layers, so every layer needs to > provide the > > service. Let me know what it is I am unable to convey. > > sure, but I think you're placing new requirements on the routing & > tunneling protocols. > > VM> There are no restrictions on an application protocol like Routing. > The idea is that the lower needs to provide a functionality, so that if > required a higher layer can use it. There is no restriction at all on > the higher layer. Do let me know if that is clearer? > > Thanks, > Vishwas > > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
