IGMP and PIM protection
Scott Morris
swm at emanon.com
Wed Dec 23 14:24:44 UTC 2009
So we're looking to complicate things for the same of complicating
them? Using a predictable "security" doesn't exactly make things secure
does it?
On the links that you are running PIM or IGMP on, do you not have a
predictable set of clients and therefore problems? Or are we trying to
protect against something I'm not thinking of? ;)
Scott
Glen Kent wrote:
>> Would encrypting multicast not fundamentally break the concept of multicast
>> itself, unless you're encrypting multicast traffic over a backbone?
>>
>>
>
> No, i wasnt alluding to encrypting the multicast traffic. I was
> thinking of using ESP-NULL (AH is optional) for the IGMP/PIM packets.
>
> Affably,
> Kent
>
>
>
More information about the NANOG
mailing list