|Main Archive Page > Month Archives > ipsec archives|
RFC 4303 introduces the use of dummy packets within ESP. Section 2.6 states,
A transmitter MUST be capable of generating dummy packets marked with this value in the next protocol field, and a receiver MUST be prepared to discard such packets, without indicating an error.
However, it is not clear to me whether an IPsec/ESP implementation MUST use this feature. That is, it MUST send out dummy packets at random intervals or in a way to shape the traffic. I interpreted the above statement to mean that an implementation must only have the capability.
Further clarification if I have misinterpreted would be greatly appreciated.