netdev

Re: IPv4 tunneled over IPv6-IPsec?

To: Peter Bieringer <pb@xxxxxxxxxxxx>
Subject: Re: IPv4 tunneled over IPv6-IPsec?
From: "Michael H. Warfield" <mhw@xxxxxxxxxxxx>
Date: Mon, 28 Mar 2005 15:06:31 -0500
Cc: mhw@xxxxxxxxxxxx, netdev@xxxxxxxxxxx, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <13B368C239630E8F2BA18AF3@[192.168.17.4]>
Organization: Thaumaturgy & Speculms Technology
References: <E1DFUeO-0001IS-00@gondolin.me.apana.org.au> <13B368C239630E8F2BA18AF3@[192.168.17.4]>
Reply-to: mhw@xxxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
Hey Peter!

On Sun, 2005-03-27 at 14:47 +0200, Peter Bieringer wrote:
> Hi Herbert,

> thank you for the quick reply.

> --On Sunday, 27 March 2005 20:05 +1000 Herbert Xu 
> <herbert@xxxxxxxxxxxxxxxxxxx> wrote:

> > Peter Bieringer <pb@xxxxxxxxxxxx> wrote:
> >>
> >> I retry to play tunneling IPv4 over IPv6-IPsec. Afair it is still not
> >> working (support is missing in 2.6.x kernel), but for startup, I have
> >> already a patch for ipsec.conf parsing (pluto already has an option to
> >> do this):
> >
> > The native IPsec stack doesn't support IPv4 over IPv6 or IPv6 over
> > IPv4 SAs.  It won't be able to do so unless major surgery is done
> > to the IPsec and IP stack.

> Hmm, looks more like a long-term issue :-(

> So another question: what is the status of tunneling IPv4 over IPv6 without 
> IPsec e.g. using GRE or special native tunneling? Similar issue? I dug a 
> little bit around in GRE code and found some IPv6 references but no hints 
> whether it can be used for that also.

        You might want to check out the DSTM package here:

        <http://www.ipv6.rennes.enst-bretagne.fr/dstm/>

        That includes a tsp server as well as a 4over6 driver.  Jim Bound is
the author/editor of record for the IETF draft on DSTM.

        <http://www.ietf.org/internet-drafts/draft-bound-dstm-exp-02.txt>

        I've had it spun up on some Linux systems in the past for testing
purposes.  Unfortunately, it does not seem to be updated to build under
the 2.6 kernels.  :-(

> BTW: the reason why I'm looking for such support is the need to connect 
> some "legacy" IPv4 islands over IPv6.

> Regards,
>       Peter

        Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@xxxxxxxxxxxx  
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

Attachment: signature.asc
Description: This is a digitally signed message part
