Hello,
RFC3948 states in the Introduction section: “As defined in this document, UDP encapsulation of ESP packets is written in terms of IPv4 headers. There is no technical reason why an IPv6 header could not be used as the outer header and/or as the inner header. And in section 2.1 it states "o the IPv4 UDP Checksum SHOULD be transmitted as a zero value, and o receivers MUST NOT depend on the UDP checksum being a zero value" As per RFC 2460 UDP header with 0 checksum must be discarded. If all these statements are seen together it would mean NAT-T for IPv6 as described in RFC 3498 won't work. Am I missing something? Is NAT-T a valid deployment case for IPv6 network i.e. when the outer header of IPsec tunnel is IPv6? -- Gandhar Gokhale Networking Components Group LSI
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
