Valery Smyslov writes: > so, what is the outcome? Do you think we should add a recommendation > not to include source IP address in cookie calculation when TCP is in use?
I am not sure. Perhaps just add comment, that when using TCP the outer IP address of the NAT might change more often than in UDP, as NATs do assume that they do not need to keep outer IP address stable for TCP, as TCP is statefull protocol anyways, and because of this using IP address in cookie calculation for TCP might cause it to fail. -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
