Hi there,
as for an academic research, i was looking for some approchaches for decentralized IPsec autoconfiguration. I discovered Cisco TED, as described in [1] and [2]. The keywords for configuration are "dynamic cyrpto maps" and "discover":
crypto map map-name seq-num ipsec-isakmp [dynamic dynamic-map-name] [discover]
These documents only discribe the use of IPv4 addresses. I'd like to test the use of IPv6 with TED, unfortunately, i lack of an write enabled test environment.
Does anyone has more qualified information about the use of TED in an IPv6 enabled environment? Any hint is welcome.
Thanks, Chris.
PS: I'm aware of the IPv6 capabilities of DMVPN [3], nevertheless it still needs an central instance and is therefore not ddos fault tolerant.
[1] "