I will be out of the office starting 11/14/2009 and will not return until
12/07/2009.
During this period of time, I am on leave. In case of urgent network
issues,pls contact CRC APR for escalation.
Please consider the environment before printing this e-mail.
CONFIDENTIALITY
On Fri, 2009-11-13 at 09:44 +0100, Tore Anderson wrote:
* Jonathan Lassoff
Are there any applications that absolutely *have* to sit on the same
LAN/broadcast domain and can't be configured to use unicast or multicast
IP?
FCoE comes to mind.
and in a similar vein, ATAoE ; either
On Nov 14, 2009, at 9:58 PM, Steven Bellovin wrote:
On Nov 14, 2009, at 8:28 PM, David Barak wrote:
I've seen AH used as a prove that this hasn't been through a NAT
mechanism. In this context, it's pretty much perfect.
However, what I don't understand is where the dislike for it
No - if you read the below pointers carefully it does specify that
ESP-Null is a MUST for OSPFv3 authentication protocol while AH is a
MAY. AH is mostly superfluous and complicates implementations.
Someone on the IPsec mailing list stated that at least two
implementations he was aware of
Tore Anderson writes:
* Jonathan Lassoff
Are there any applications that absolutely *have* to sit on the same
LAN/broadcast domain and can't be configured to use unicast or multicast
IP?
FCoE comes to mind.
Doesn't FCoE need even more than that, i.e. lossless Ethernet with
end-to-end flow
This 100-line document contains 62% of what you need to know to avoid
annoying 10,000 people in your email to the NANOG list. It also contains
pointers to another 23%. Please take 5 minutes to read it before
you post [again].
General Information
===
About NANOG:
Owen DeLong wrote:
I've never seen anyone use AH vs. ESP.
OSPFv3?
I've always used ESP and so has
every other IPSEC implementation I've seen anyone do.
Owen
On Nov 13, 2009, at 4:22 PM, Jack Kohn wrote:
Hi,
Interesting discussion on the utility of Authentication Header (AH) in
Does anyone have any practical long term experience with third party
alternatives to the (must be made from solid gold) Cisco SFP-GE-S module
that they'd like to share with me? I suppose I could just use compatible
GLC-SX-MM instead, but I kind of want to have DOM support.
~Seth
On Sun, Nov 15, 2009 at 20:48, Joel Jaeggli joe...@bogus.com wrote:
Owen DeLong wrote:
I've never seen anyone use AH vs. ESP.
OSPFv3?
Maybe I'm asking a dumb question, but why would one prefer AH over ESP
for OSPFv3?
RFC4552:
In order to provide authentication to OSPFv3, implementations MUST
Bill Fehring wrote:
On Sun, Nov 15, 2009 at 20:48, Joel Jaeggli joe...@bogus.com wrote:
Owen DeLong wrote:
I've never seen anyone use AH vs. ESP.
OSPFv3?
Maybe I'm asking a dumb question, but why would one prefer AH over ESP
for OSPFv3?
Header protection... still doesn't provide replay
Does anyone have any practical long term experience with third party
alternatives to the (must be made from solid gold) Cisco SFP-GE-S module
that they'd like to share with me? I suppose I could just use compatible
GLC-SX-MM instead, but I kind of want to have DOM support.
There are plenty of
11 matches
Mail list logo
