[email protected] writes: > A new Internet Draft is posted to the working group. > The draft addresses a problem where NAT is enabled dynamically > (after IPsec SA is created) because of which traffic stops.
This is already supported when MOBIKE is used, and without MOBIKE the IP-addresses cannot change, thus NAT cannot suddenly appear in the middle. Can you explain in which situations the NAT will be enbled after the IKEv2 connection has been creteated in such way that IP-addresses of both end points stay same? If the IP-addresses change, then to be able to keep the same IKEv2 connection you need to use MOBIKE and MOBIKE will already automatically enable NAT if it detects NAT while moving traffic from one IP-address to another. > The draft uses the existing IKEv2 framework (without defining any > new payloads) and maintains backward compatibility with older > implementations of IKEv2 that does not support this draft. > > We request your feedback on the same. Can you explain what is problem with the already standardized solution to this problem, and why do you think it does not solve the issue? -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
