HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 2: (Recommended) Securing Return Routability Messages Routed Through the Home Agent
Appendix F292
Step 2: (Recommended) Securing Return
Routability Messages Routed Through the
Home Agent
RFC 3776 specifies that you should use IPsec to secure Return
Routability (RR) Home Test Init and Home Test messages routed
through the Home Agent.
NOTE If you are going to secure payload packets sent through the Home Agent,
you can skip this step. The address filters specified in the policies for this
step are a subset of the address filters specified in “Step 4: (Optional)
Securing Payload Packets Routed Through the Home Agent” on
page 301. The IP addresses in the filters for this step and step 4 are the
same. The difference is that the address filters for this step select
ICMPv6 packets (-protocol ICMPV6), and the address filters for step 4
select all protocol packets (-protocol ALL).
The data paths for Home Test Init and Home Test messages is shown in
Figure F-5. Home Test Init messages are sent from the Mobile Node to
the Correspondent Node and routed through the Home Agent, as shown
by the solid-line data paths in Figure F-5. Home Test packets are sent
from the Correspondent Node to the Mobile Node and also routed
through the Home Agent, as shown by the dotted-line data paths in
Figure F-5. In both cases, the data path segments between the Mobile
Node and the Home Agent are secured by an IPsec tunnel.