netdev
[Top] [All Lists]

Re: [patch]: CONFIG_IPV6_SUBTREES fix for MIPv6

To: Henrik Petander <lpetande@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [patch]: CONFIG_IPV6_SUBTREES fix for MIPv6
From: Masahide NAKAMURA <nakam@xxxxxxxxxxxxxx>
Date: Mon, 09 Jun 2003 20:37:03 +0900
Cc: YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@xxxxxxxxxxxxxx>, <vnuorval@xxxxxxxxxx>, <davem@xxxxxxxxxx>, <kuznet@xxxxxxxxxxxxx>, <netdev@xxxxxxxxxxx>, <ajtuomin@xxxxxxxxxxxxxxxxxxx>, <jagana@xxxxxxxxxx>, <kumarkr@xxxxxxxxxx>, <usagi-core@xxxxxxxxxxxxxx>
In-reply-to: <Pine.GSO.4.44.0306091140470.25126-100000@xxxxxxxxxxxxxxxxxxx>
Organization: USAGI Project
References: <20030606223057.41ac1c9d.nakam@xxxxxxxxxxxxxx> <Pine.GSO.4.44.0306091140470.25126-100000@xxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
On Mon, 9 Jun 2003 12:06:35 +0300 (EEST)
Henrik Petander <lpetande@xxxxxxxxxxxxxxxxxxx> wrote:

> On Fri, 6 Jun 2003, Masahide NAKAMURA wrote:
> >
> > We don't think we have to change the logic handling policy with
> > the reason because we can treat MIPv6 policy just like IPsec.
> >
> > When we want to apply both MIPv6 and IPsec to the same target,
> > we need one policy that has two or more of templates(e.g. one is
> > MIPv6's template and the other is IPsec's).
> 
> Does this also mean that the IPSec and MIPv6 policies and SAs need to be
> configured at the same time or is it possible to add templates to an
> existing policy?

Currently no interface to add templates directly to it.

:
> A different issue related to the different addresses is that the SPD
> lookup should be done with the original source address, i.e. home address,
> if home address option is used and with the final destination address, if
> routing header is used. SPD lookup works now for TCP (with RT header), but
> not for raw sockets, which the mipv6 daemon will use. We will provide a
> patch for fixing the SPD lookups with raw sockets, which add routing
> header and home address option from socket options.
> 

Ok, I want to see your patch when it is provided because now I'm not so clear
about using socket option in the above case.

Regards,

-- 
Masahide NAKAMURA

<Prev in Thread] Current Thread [Next in Thread>