netdev
[Top] [All Lists]

Re: ipsec, nat-t, iproute2?

To: netdev@xxxxxxxxxxx
Subject: Re: ipsec, nat-t, iproute2?
From: bert hubert <ahu@xxxxxxx>
Date: Fri, 30 Jul 2004 20:12:46 +0200
In-reply-to: <20040730170726.GA5144@xxxxxxxxxxxxxxx>
Mail-followup-to: bert hubert <ahu@xxxxxxx>, netdev@xxxxxxxxxxx
References: <20040730170726.GA5144@xxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.3.28i
On Fri, Jul 30, 2004 at 07:07:26PM +0200, bert hubert wrote:

> 2) I hear people are working on iproute so it can use XFRM_USER, is this
> code available somewhere?

Ok, this is rather embarassing, turns out that this is all discussed on my
own LARTC mailinglist. I should read it every once in a while. The code is
in the bitkeeper described on http://developer.osdl.org/dev/iproute2/

> 3) NAT-Traversal, how does one set this up either using setkey,
> iproute2+stuff, or XFRM_USER? Is it supposed to work right now?
> Is NAT-T 'UDP_ENCAP_ESPINUDP'?

Sadly, this code does not yet do encap. *Swan appears to have support for
this over XFRM_USER, currently reading it.

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO

<Prev in Thread] Current Thread [Next in Thread>