Subject: Re: RFC 2385
To: Andrew Brown <>
From: David Maxwell <>
List: tech-net
Date: 05/31/2003 12:39:39
On Sat, May 31, 2003 at 10:29:25AM -0400, Andrew Brown wrote:
> >I don't see any support for RFC 2385 in our kernel.  Has anyone done
> >it, or tried it?  I'd be interested in hearing about either; I may try
> >to hack it in there myself someday if no implementations exist....
> it's early in the morning for me and the coffee isn't ready yet, so my
> brain isn't willing to help my very much.  can you tell me what this
> does that ipsec doesn't do and/or what problem is solves that ipsec
> does not?

It's part of the BGP spec - as an optional configuration on connections
to peers, so it's useful for running a BGP router on NetBSD.

I know a couple of developers have implemented it for their daytime
jobs, but the code didn't make it back into the tree (mostly time issue,
also maybe some intprop ownership issues, I think).

David Maxwell,| --> Unless you have a solution
when you tell them things like that, most people collapse into a gibbering, 
unthinking mass.  This is the same reason why you probably don't tell your 
boss about everything you read on BugTraq!    - Signal 11