[RFC] Extensions to IPv6 Neighbor Discovery for Inverse Discovery Specification
This memo describes extensions to the IPv6 Neighbor Discovery that
allow a node to determine and advertise an IPv6 address corresponding
to a given link-layer address. These extensions are called Inverse
Neighbor Discovery. The Inverse Neighbor Discovery (IND) was
originally developed for Frame Relay networks, but may also apply to
other networks with similar behavior.
[RFC] UDP Encapsulation of IPsec Packets
This draft defines methods to encapsulate and decapsulate ESP and
AH packets inside UDP packets for the purpose of traversing NATs.
ESP encapsulation as defined in this document is capable of being
used in both IPv4 and IPv6 scenarios. AH encapsulation is defined
for IPv4 scenarios only.
The encapsulation is used whenever negotiated using IKE, as
defined in [Kiv00]. The design choices are documented in [Dixon00].
draft-ietf-ipsec-udp-encaps-00.txt
[RFC] Negotiation of NAT-Traversal in the IKE
This document describes how to detect one or more NATs between IPsec
hosts, and how to negotiate the use of UDP encapsulation of the IPsec
packets through the NAT boxes in IKE.
draft-ietf-ipsec-nat-t-ike-00.txt
[RFC] IPsec-NAT Compatibility Requirements
Perhaps the most common use of IPsec is in providing virtual private
networking capabilities. One very popular use of VPNs is to provide
tele-commuter access to the corporate Intranet. Today NATs are widely
deployed in home gateways, as well as in other locations likely to be
used by tele-commuters, such as hotels. The result is that IPsec-NAT
incompatibilities have become a major barrier to deployment of IPsec in
one of its principal uses. This draft describes known incompatibilities
between NAT and IPsec, and describes the requirements for addressing
them.
draft-ietf-ipsec-nat-reqts-00.txt
[RFC] IPsec over NAT Justification for UDP Encapsulation
This draft explains the design justification and alternatives for
two IPsec over NAT drafts, UDP Encapsulation of IPsec Packets,
[Hutt01] and [Kiv00]. This draft sets the requirements for a
solution in terms of scenarios in which NAT is used, and NAT
operations. This draft is specifies the requirements for IPsec NAT
traversal, scenarios these extensions enable, and design rationale
for the proposed solution. This draft assumes that the reader is
familiar with the interactions of NAT with IPsec documented in
[Aboba04].
0 件のコメント:
コメントを投稿