I think both ipsec and dtls would work.
The middle network is not controlled by customer and the service
provider, it’s provided by 3nd company, so the environment is not trusted,
we need to encrypt the VxLAN packets or VxLAN payload for our user data.
Currently, no such specific method, I think we need to provide one way
to resolve it.
A question for Yuanjian, are there any cases in which we need to only
encrypt the vxlan payloads while transporting the headers in plain text? If
so, the condition could be a little more complex.
Cheers
Dacheng
>
>
>
> Best Regards
> Liu Yuanjiao
>
> _______________________________________________
> nvo3 mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/nvo3
>
This message is for the designated and authorized recipient only and may
contain privileged, proprietary, confidential or otherwise private
information relating to vArmour Networks, Inc. and is the sole property of
vArmour Networks, Inc. Any views or opinions expressed are solely those of
the author and do not necessarily represent those of vArmour Networks, Inc.
If you have received this message in error, or if you are not authorized to
receive it, please notify the sender immediately and delete the original
message and any attachments from your system immediately. If you are not a
designated or authorized recipient, any other use or retention of this
message or its contents is prohibited.
_______________________________________________ nvo3 mailing list
[email protected] https://www.ietf.org/mailman/listinfo/nvo3
_______________________________________________
nvo3 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nvo3
