Here's another thing to mention on this subject. Defining a new IP protocol number is great, but might be blocked on paths that only accept legacy protocols such as UDP and TCP (I believe SCTP and DCCP suffer from this issue). So, SEAL provides a UDP encapsulation format and defines a new UDP port number for SEAL. In that case, the transport mode encapsulation for SEAL looks like this:

+---------------------+
|      IP header      |
|   (Nexthdr = UDP)   |
+---------------------+
|  Outer UDP header   |
|    (port = SEAL)    |
+---------------------+
|     SEAL Header     |
|   (Nexthdr = UDP)   |
+---------------------+
|  Inner UDP header   |
| (port = Application)|
+---------------------+
|                     |
~  Application Data   ~
|                     |
+---------------------+

This may seem unsavory to some who prefer a "clean" encapsulation, but may be necessary on some paths.

Thanks - Fred
[email protected]

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
