Re: KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found)

---

• From: "Bjoern A. Zeeb" <bzeeb-lists@xxxxxxxxxxxxxxxxxx>
• Date: Thu, 16 Mar 2006 08:36:19 +0000 (UTC)

---

On Thu, 16 Mar 2006, Massimo Lusetti wrote:

Hi,

On Wed, 2006-03-15 at 22:59 +0100, Pawel Jakub Dawidek wrote:

Let me add my two cents. There are actually two things to do with KAME
IPsec: MPSAFE and crypto(9) support and only one thing (IPv6) in case of
fast_ipsec(4), so I think it will be much easier to add IPv6 support to
fast_ipsec(4) and just drop KAME IPsec, so we can have one, full
functional IPsec stack.

This is really confusing for the users. When I first heard of
fast_ipsec(4) I thought it only works with crypto HW and if I need to do
cryptography in software I need KAME IPsec.

But that's just an opinion of a passive observer:)

I also would like to see more clearness on this, Pawel is right saying
it's a confusing situation.

with hopefully enough time this problem will be solved during
the year. This will also need some netinet6 work,...

What you can find at
http://sources.zabbadoz.net/freebsd/ipv6/
is far from being complete or fully up-to-date but it's a start...

--
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
_______________________________________________
freebsd-arch@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@xxxxxxxxxxx"

---

• Follow-Ups:
  • Re: KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found)
    • From: George V. Neville-Neil

• References:
  • netatm: plan for removal unless an active maintainer is found
    • From: Robert Watson
  • Re: netatm: plan for removal unless an active maintainer is found
    • From: Warner Losh
  • Re: netatm: plan for removal unless an active maintainer is found
    • From: Robert Watson
  • Re: netatm: plan for removal unless an active maintainer is found
    • From: Pawel Jakub Dawidek
  • KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found)
    • From: Massimo Lusetti

• Prev by Date: KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found)
• Next by Date: Re: Neteasy DRP-32TXD ethernet problems on FreeBSD 6.0
• Previous by thread: KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found)
• Next by thread: Re: KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found)
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: [fw-wiz] IPv6 and IPSec ... > require IPSec? ... And "support" can be a nebulus thing. ... all of IPv4 in toto. ... And something like 40 million IPv6 networks are routable in the ... (Firewall-Wizards) Re: [fw-wiz] IPv6 and IPSec ... > the security stuff is tightly marshalled over IPv6. ... Tunnels have always been an issue for protected networks. ... You don't have to support IPSec to be IPv4 compliant, ... (Firewall-Wizards) building a kernel for IPsec, what dependencies exist for option IPSEC ... I'm building a kernel for IPSec and am going off of the handbook ... # SCSI Controllers ... # Power management support ... # PCI Ethernet NICs that use the common MII bus controller code. ... (freebsd-questions) FAST_IPSEC is now IPSEC, please be advised... ... the Kame IPsec code has been removed from the tree. ... Hardware Offload Support ... Full IPv6 Support ... (freebsd-current) FAST_IPSEC is now IPSEC, please be advised... ... the Kame IPsec code has been removed from the tree. ... Hardware Offload Support ... Full IPv6 Support ... (freebsd-net)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

unix.derkeiler.com  > Mailing-Lists  > FreeBSD  > arch  > 2006-03