Date: Thu, 05 Nov 1998 03:36:14 -0500 From: Craig Metz <cmetz@inner.net> To: Jun-ichiro itojun Itoh <itojun@iijlab.net> Cc: jkh@time.cdrom.com, freebsd-net@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) Message-ID: <199811051321.NAA21656@inner.net> In-Reply-To: Your message of "Thu, 05 Nov 1998 17:33:28 %2B0900." <21751.910254808@coconut.itojun.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <21751.910254808@coconut.itojun.org>, you write: > The key differences are: > - OpenBSD IPsec uses PF_ENCAP kernel interface, which has no standard > as far as I know. KAME IPsec uses PF_KEY v2 defined in RFC2367. > - OpenBSD IPsec does not support IPv6. KAME IPsec supports IPv6. > Therefore, if OpenBSD IPsec and KAME IPv6 get imported, somebody > has to modify OpenBSD IPsec to support IPv6. The OpenBSD folks plan to merge the next NRL release and thus will have PF_KEYv2 and IPv6 support (which implies IPsec-for-IPv6, as it is a mandatory part of IPv6). This also means that there are some significant improvements coming soon in the OpenBSD IPsec support. It might not be sensible to integrate the OpenBSD IPsec code until after these are done. -Craig To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811051321.NAA21656>