[sctp-dev] SCTP over IPSec
Dennis Hjort
dennis.hjort at ericsson.com
Mon Mar 9 02:40:52 PDT 2009
Hi Evangelos !
I was wondering if you have managed to get any further with IPSEC ? Have
you managed to run SCTP over IPSEC to this date or are you still working
on how to run IPSEC in the first place ?
With kind regards
// Dennis
> -----Original Message-----
> From: sctp-dev-bounces at openjdk.java.net
> [mailto:sctp-dev-bounces at openjdk.java.net] On Behalf Of
> Christopher Hegarty - Sun Microsystems Ireland
> Sent: den 16 februari 2009 15:15
> To: Evangelos Haleplidis
> Cc: sctp-dev at openjdk.java.net
> Subject: Re: [sctp-dev] SCTP over IPSec
>
> Hi Evangelos,
>
> The simple answer is YES. You should be able to use a
> standard IPSec implementation and run SCTP on top of it.
>
> There is no direct support for IPsec in the Java API of
> course. IPsec (if configured) would live above the IP layer
> and below the native SCTP stack. Therefore, the Java SCTP
> implementation would leverage the platforms IPsec implementation.
>
> There is an RFC, 3554, which I believe is an attempt to
> simplify running SCTP on top of IPsec, but even without this
> it should work. You will need to configure 2 * n * m Security
> Associations, where one SCTP endpoint has n addresses and the
> other m. An implementation of RFC 3554 would reduce this number to 2.
>
> I checked both reference platforms, Solaris and LKSCTP, and
> both support this.
>
> Running a java.net.Socket over IPsec should be pretty much
> the same as SCTP, only not as much SA's! But I have not tried this.
>
> -Chris.
>
> On 02/16/09 13:10, Evangelos Haleplidis wrote:
> > Greetings to the list,
> >
> > I have one question to make.
> >
> > Is there support of SCTP over IPsec in java? How can one use it?
> >
> > Also, this is out of scope of the mailing list, but relevant to the
> > question, how can you use IPsec in Java (TCP over IPsec).
> >
> > Regards,
> > Evangelos Haleplidis.
> >
> >
>
More information about the sctp-dev
mailing list