I was pointed to two drafts about using IPsec for transporting virtual
machine network traffic. Specifically, its use of AH is what I'm a
little concerned about, as I was hoping the IPsecME WG could start work
soon at obsoleting AH and recommend ESP-null for the remaining use cases.
IPsec over Geneve Encapsulation
https://tools.ietf.org/html/draft-boutros-nvo3-ipsec-over-geneve-01
Geneve Header Authentication Option (GAO)
https://tools.ietf.org/html/draft-mglt-nvo3-geneve-authentication-option-00
Is anyone aware of any other existing or planned deployments of AH?
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
