> My major objections are lack of security and extensibility. I don't know if this helps your security concern but the LISP WG has draft-ietf-lisp-crypto that is supported by the LISP encapsulating header.
VXLAN-GPE also had a goal to make VXLAN and LISP converge on a similar header at the same time as having more demux options. This is why, at the same time VXLAN-GPE was created, the LISP-GPE header was also created. So if the LISP control-plane is used for these data-planes, then key exchange, encryption, and authentication can be supported for all the header formats above. All that needs to be spec'ed is to allocate 2 bits from the *-GPE headers for a key-id field. Dino
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
