AH and ESP

A) Why does the Authentication Header not protect all header fields of the outer IP header?
b) Consider IP fragmentation: argue why the processing of incoming packets requires all fragments of an IP packet to be reassembled before the processing of IPSec can proceed.
c) What measures are taken in the AH or ESP protocol to prevent a replay attack?
d) Why it is reasonable to check the sequence number is “expected” before the cryptographic checks are performed?

 

This Question is not yet answered!