From: Herbert Xu <herbert@gondor.apana.org.au>
To: pb@bieringer.de (Peter Bieringer)
Subject: Re: IPv4 tunneled over IPv6-IPsec?
Cc: dev@openswan.org, netdev@oss.sgi.com
Organization: Core
In-Reply-To: <DD992FDA2A9E3512996A18A9@[192.168.17.4]>
User-Agent: tin/1.7.4-20040225 ("Benbecula") (UNIX) (Linux/2.4.27-hx-1-686-smp (i686))
Message-Id: <E1DFUeO-0001IS-00@gondolin.me.apana.org.au>
Date: Sun, 27 Mar 2005 20:05:44 +1000
Sender: netdev-bounce@oss.sgi.com
Errors-to: netdev-bounce@oss.sgi.com
Precedence: bulk
Content-Length: 656
Lines: 17

Peter Bieringer <pb@bieringer.de> wrote:
> 
> I retry to play tunneling IPv4 over IPv6-IPsec. Afair it is still not 
> working (support is missing in 2.6.x kernel), but for startup, I have 
> already a patch for ipsec.conf parsing (pluto already has an option to do 
> this):

The native IPsec stack doesn't support IPv4 over IPv6 or IPv6 over
IPv4 SAs.  It won't be able to do so unless major surgery is done
to the IPsec and IP stack.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt