Subject: Re: ipv6 source address selection
To: Jonathan Stone <jonathan@Pescadero.dsg.stanford.edu>
From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <firstname.lastname@example.org>
Date: 09/26/2007 14:38:38
At Tue, 25 Sep 2007 13:55:26 -0700,
Jonathan Stone <jonathan@Pescadero.dsg.stanford.edu> wrote:
> >> I don't understand how the (FAST_)IPSEC implementation relates to
> >> RFC3484, but I don't know the answer anyway.
> >There shouldn't be any relation. I was just asking because I
> >don't know how much FAST_IPSEC interferes with the IPv6 code.
> Perhaps you meant to say you don't know how much FAST_IPSEC interferes
> with the *KAME* IPv6 code.
> In practice, the choice is a config-time choice between one or the
> other. NetBSD's stated plan is that the KAME code will be deprecated
> once FAST_IPSEC supports IPv6 and can functionally replace the KAME
> Ipv6 code. I don't use IPv6, so can't speak to where the SoC project
> reached that milestone or not.
For what it's worth, FreeBSD has adapted its FAST_IPSEC for KAME-based
IPv6 stack and effectively deprecated the KAME-based IPsec
implementation. It may be of interest for NetBSD developers.
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.