[IPsec] Re: IPSEC and packet reordering

[Koning, Paul]

RFC 2406 (IPSec ESP) specifies out of order handling.  It describes the use of 
a sliding window scheme, with a minimum size of 32 and a recommended default 
size of 64.  So clearly any conforming implementation will handle a fair amount 
of reordering; how much more than the minimum would be up to implementation 
choice, or perhaps set by an adjustable parameter.  For this reason I would not 
describe IPSec as “sensitive to reordering.

               paul



Internal Use - Confidential
From: Ingemar Johansson S <ingemar.s.johansson=40ericsson....@dmarc.ietf.org>
Sent: Tuesday, March 24, 2026 5:15 AM
To: ipsec@ietf.org
Cc: Greg White <g.wh...@cablelabs.com>; Chris Box <chris....@bt.com>; 
chris.box.i...@gmail.com; dibakar....@intel.com; dmitry.akhme...@intel.com; 
Ingemar Johansson S <ingemar.s.johans...@ericsson.com>
Subject: [IPsec] Re: IPSEC and packet reordering

Hi

I try and post this again. I think that we have a fairly good understanding 
about the implications of out of sequence delivery on the transport protocol 
level. What is lacking is an understanding on how IP Sec can handle out of 
sequence delivery and what the pain limits are. So any kind of input that helps 
us advance the https://datatracker.ietf.org/doc/draft-white-intarea-reordering/ 
  draft is welcome.

Regards
Ingemar

From: Ingemar Johansson S 
<ingemar.s.johans...@ericsson.com<mailto:ingemar.s.johans...@ericsson.com>>
Sent: Thursday, 5 March 2026 10:40
To: ipsec@ietf.org<mailto:ipsec@ietf.org>
Cc: Greg White <g.wh...@cablelabs.com<mailto:g.wh...@cablelabs.com>>; Chris Box 
<chris....@bt.com<mailto:chris....@bt.com>>; 
chris.box.i...@gmail.com<mailto:chris.box.i...@gmail.com>; 
dibakar....@intel.com<mailto:dibakar....@intel.com>; 
dmitry.akhme...@intel.com<mailto:dmitry.akhme...@intel.com>; Ingemar Johansson 
S <ingemar.s.johans...@ericsson.com<mailto:ingemar.s.johans...@ericsson.com>>
Subject: Re : IPSEC and packet reordering

Hi

I re-listened in on the presentation by Chris Box at the IPSECME session at 
IETF-124
https://www.youtube.com/watch?v=ZwfypFEEcYY&t=6866s
The title was “Proposal for updates to Guidance on Packet Reordering”, with the 
accompanying IETF draft 
https://datatracker.ietf.org/doc/draft-white-intarea-reordering/
The topic of packet reordering has recently been brought up in the 3GPP RAN2 
working group where HoL blocking due to link layer retransmission and and 
resequencing in 3GPP is seen as an issue.
https://www.3gpp.org/ftp/tsg_ran/WG2_RL2/TSGR2_133/Docs/R2-2600101.zip
Removing or modifying the resequencing in cellular networks would remedy the 
issue presented in the document. The question is how IPSEC in particular would 
manage this ?.

The discussion at the end of the IPSECME session gave some insight but I am not 
sure that it gave any conclusive message. So please comment on what can be 
recommended/tolelated in terms of packet reordering from an IP SEC perspective.

Regards
Ingemar + other authors of draft-white-intarea-reordering
=================================
Ingemar Johansson  M.Sc.
Master Researcher

Ericsson Research
GFTL ER NAP NCM Netw Proto & E2E Perf
Laboratoriegränd 11
977 53, Luleå, Sweden
+46-73 078 3289
ingemar.s.johans...@ericsson.com<mailto:ingemar.s.johans...@ericsson.com>
www.ericsson.com<http://www.ericsson.com/>

      Experience is merely the name
          men gave to their mistakes.
                     Oscar Wilde
=================================


_______________________________________________
IPsec mailing list -- ipsec@ietf.org
To unsubscribe send an email to ipsec-le...@ietf.org