← Back to team overview

rohc team mailing list archive

Re: ROHC and IpSec


> Perhaps there is something I am missing  but tunnel mode does not
> solve the problem.  Even if I can then compress the IP header, I have
> to put another one back on in order to make the tunnel function, and
> this thus eliminates the benefit.

The benefit is not fully eliminated. Compression efficiency is indeed
decreased, but may still be interesting :

 -> ROHC/data
 -> IPv4/ESP/encrypted(ROHC/data)

is better than :

 -> IPv4/ESP/encrypted(IPv4/UDP/RTP/data)

If you care about security of RTP streams, you might want to have a
look at SRTP [1]. It ensures security at the application level, it is
fully compatible with ROHC without efficiency loss.


[1] https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol