Just in case this could be useful, I am wondering if the work we did in the context of GENEVE might be useful. The work is basically mimicing IPsec architecture for GENEVE. https://datatracker.ietf.org/doc/draft-mglt-nvo3-geneve-security-architecture/ https://datatracker.ietf.org/doc/draft-mglt-nvo3-geneve-encryption-option/ https://datatracker.ietf.org/doc/draft-mglt-nvo3-geneve-authentication-option/
Yours, Daniel On Fri, May 19, 2017 at 12:37 AM Nico Williams <n...@cryptonector.com> wrote: > On Thu, May 18, 2017 at 05:13:23PM -0500, Nico Williams wrote: > > For bump-in-the-wire (BITW) implementations, provided that each tenant > > gets a different, static IP address assignment, this is easy enough. > > Otherwise, for BITW it quickly becomes infeasible to get the semantics > > you probably want. > > I would also add that for BITW, why would you want this? > > Nico > -- > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > -- Daniel Migault Ericsson
_______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
