On 5/5/2015 3:43 PM, Templin, Fred L wrote: >> Then what you're saying is that the tunnel ingress - as an app - has >> > flows that are distinguishable by the net. That can happen with any >> > application. > > But, that's just it - when the original source does the probing the data > packets are always part of the same application - always. When the > tunnel ingress probes, it may be asked to encapsulate the data > pacekts of many applications.
An "application" is a source of packets. At a tunnel, the ingress arriving packets are that source - they ARE the "application". To correlate flow IDs to behavior within that flow - i.e., to the user programs that generate the packets that arrive at the ingress - requires the ingress to somehow infer those flows, unless they're explicitly marked by the user applications. That's a known limitation of any tunnel ingress. It's equally true of the user application if there are four people using one application, and you want 'flow' to map back to an individual person. Joe _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
