A radical restructuring of IPsec...
gnn at FreeBSD.org
gnn at FreeBSD.org
Sun Apr 8 14:36:29 UTC 2007
At Sat, 7 Apr 2007 12:16:00 +0200,
Jeremie Le Hen wrote:
>
> Hi, Bruce,
>
> On Sat, Apr 07, 2007 at 05:27:30AM +0100, Bruce M. Simpson wrote:
> > I'm all for this in principle. I believe that the case for FAST_IPSEC
> > over KAME IPSEC is fairly clear for those of us who have read the USENIX
> > paper. Qualitatively speaking I can say FAST_IPSEC has been more
> > pleasant to work with when introducing the TCP-MD5 support.
>
> Would you point out the paper you're talking about please ?
>
http://www.usenix.org/events/bsdcon03/tech/leffler_ipsec.html
You need a password (i.e. you need to be a USENIX member) to read it.
> George,
>
> Thank you for your work!
>
Thank me when it's done ;-)
> I'm a little sorrowful to see KAME's work going to be forgotten, but
> well, this is Darwin's law :-).
>
> BTW, a couple of years ago, I've tried KAME's snapshot against my
> RELENG_4's tree. There was a number of features that weren't in the
> base system and I'm pretty sure this is still the case. I can't
> remember them all but one: NAT-PT (RFC2766) (IPv4<->IPv6
> translation). Do you have any idea what those features will become
> in later days ?
I am working with another person who is interested in that and who has
patches, Yvan VANHULLEBUS, who also posts here.
Best,
George
More information about the freebsd-net
mailing list