Date: Thu, 16 Mar 2006 08:36:19 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Massimo Lusetti <massimo@cedoc.mo.it> Cc: arch@freebsd.org, Robert Watson <rwatson@FreeBSD.org>, Pawel Jakub Dawidek <pjd@FreeBSD.org> Subject: Re: KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found) Message-ID: <20060316082738.W2181@maildrop.int.zabbadoz.net> In-Reply-To: <1142496340.4311.12.camel@massimo.datacode.it> References: <20060315004530.B5861@fledge.watson.org> <20060314.204252.74651890.imp@bsdimp.com> <20060315105031.E5861@fledge.watson.org> <20060315215915.GB16188@garage.freebsd.pl> <1142496340.4311.12.camel@massimo.datacode.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 16 Mar 2006, Massimo Lusetti wrote: Hi, > On Wed, 2006-03-15 at 22:59 +0100, Pawel Jakub Dawidek wrote: > >> Let me add my two cents. There are actually two things to do with KAME >> IPsec: MPSAFE and crypto(9) support and only one thing (IPv6) in case of >> fast_ipsec(4), so I think it will be much easier to add IPv6 support to >> fast_ipsec(4) and just drop KAME IPsec, so we can have one, full >> functional IPsec stack. >> >> This is really confusing for the users. When I first heard of >> fast_ipsec(4) I thought it only works with crypto HW and if I need to do >> cryptography in software I need KAME IPsec. >> >> But that's just an opinion of a passive observer:) > > I also would like to see more clearness on this, Pawel is right saying > it's a confusing situation. with hopefully enough time this problem will be solved during the year. This will also need some netinet6 work,... What you can find at http://sources.zabbadoz.net/freebsd/ipv6/ is far from being complete or fully up-to-date but it's a start... -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060316082738.W2181>