Re: FAST_IPSEC is now IPSEC, please be advised...
- From: Randall Stewart <rrs@xxxxxxxxx>
- Date: Tue, 03 Jul 2007 11:07:07 -0400
Great work George.. :-D
My most recent check-in moves FreeBSD HEAD, soon to be 7.0 into the
post Kame era. What was once FAST_IPSEC has been made into IPSEC and
the Kame IPsec code has been removed from the tree. We will continue
to use and update the Kame IPv6 code but of course there will be no
more drops of code from the Kame project as it ended a year ago.
Some things about the new IPsec:
1) Hardware Offload Support
Support for several vendors hardware accelerators is available by
using the new IPsec code.
2) Fine Grained Locking (SMP)
One of the major reasons to move to the new codebase and to deprecate
the Kame code was that we needed an IPsec stack that was locked for
our SMP kernel architecture.
3) Full IPv6 Support
One of the missing features of the old FAST_IPSEC code was IPv6
support. IPv6 is now fully supported.
The code has been tested in my lab using both home grown tests and the
TAHI test suite (http://www.tahi.org) as well by some FreeBSD
Developers, notably Bjoern Zeeb, who is also responsible for the user
land fixes, as well as numerous patches to the kernel.
Please forward problems, and patches to me, or this list.
freebsd-current@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscribe@xxxxxxxxxxx"
NSSTG - Cisco Systems Inc.
803-345-0369 <or> 803-317-4952 (cell)
freebsd-net@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Prev by Date: FAST_IPSEC is now IPSEC, please be advised...
- Next by Date: Re: kern/112710: [re] if_re driver detects incorrect b243a405a405 MAC address on SMC9452TX-1 pci gigabit cards
- Previous by thread: FAST_IPSEC is now IPSEC, please be advised...
- Next by thread: Re: FAST_IPSEC is now IPSEC, please be advised...