Subject: Re: backward compat in ipsec policy engine
To: Jun-ichiro itojun Hagino <>
From: Andrew Brown <>
List: tech-net
Date: 01/27/2000 16:35:32
>	the problem is that, now binary compiled with old header is not usable
>	on new kernel.  due to semantics change, it is not trivial to emulate
>	old calls in new kernel.  for safety reasons, we may want to
>	avoid cod #11 to #16 (skip them), and put new message type from 17.
>	however, freebsd merged the Nov 1999 KAME tree, and will be shipping
>	it in freebsd 4.0.  if we would like to keep the same numbers (for
>	COMPAT_FREEBSD maybe), we shouldn't change the numbers.
>	which route should I take?
>	- safe behavior when we run old binary on new kernel
>	  (-> skip old type #)
>	- compatibility with freebsd (no # changes.  old binaries will not
>	  run any more)

my guess would be to err in the direction of compatibility with
freebsd.  especially since there's not an actual netbsd release with
which we might need to retain compatibility.

|-----< "CODE WARRIOR" >-----|             * "ah!  i see you have the internet (Andrew Brown)                that goes *ping*!"       * "information is power -- share the wealth."