Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable

To: gnats-bugs%netbsd.org@localhost
Subject: Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable
From: matthew sporleder <msporleder%gmail.com@localhost>
Date: Fri, 8 Apr 2011 13:50:03 -0400

>  IPSec uses those two protocols; if you tell NetBSD to implement them in =
>  the kernel, why would you expect to be able to access them from =
>  userland?
>

To force this choice at kernel-compile time is pretty extreme, in my opinion.

My sample program works on other operating systems.  I don't know
about their kernels as much as I do netbsd's, but I know I can install
racoon on linux without needing a new kernel.  OpenBSD has options
IPSEC in GENERIC and doesn't seem to have a problem.

Is there another example of where enabling an option in the kernel
disables a userland component in such a way?  options INET certainly
doesn't exclude my ability to run a web server.

I didn't see any mention in the options or ipsec man pages mentioning
this impact.

References:
- Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable
  - From: Paul Koning

Prev by Date: Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable
Next by Date: Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable
Previous by Thread: Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable
Next by Thread: Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable
Indexes:

Home | Main Index | Thread Index | Old Index