Re: RFC: ipsec(4) pseudo interface

To: Kengo NAKAHARA <k-nakahara%iij.ad.jp@localhost>
Subject: Re: RFC: ipsec(4) pseudo interface
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Wed, 20 Dec 2017 08:40:33 -0500

On Mon, Dec 18, 2017 at 06:49:44PM +0900, Kengo NAKAHARA wrote:
> Hi,
> 
> We implement ipsec(4) pseudo interface for route-based VPNs. This pseudo
> interface manages its security policy(SP) by itself, in particular, we do
>     # ifconfig ipsec0 tunnel 10.0.0.1 10.0.0.2
> the SPs "10.0.0.1 -> 10.0.0.2"(out) and "10.0.0.2 -> 10.0.0.1"(in) are
> generated automatically and atomically. And then, when we do
>     # ifconfig ipsec0 deletetunnel
> the SPs are destroyed automatically and atomically, too.

Do you have IKE daemon changes to use this?

Thor

Follow-Ups:
- Re: RFC: ipsec(4) pseudo interface
  - From: Kengo NAKAHARA
- Re: RFC: ipsec(4) pseudo interface
  - From: Kengo NAKAHARA

References:
- RFC: ipsec(4) pseudo interface
  - From: Kengo NAKAHARA

Prev by Date: Re: RFC: ipsec(4) pseudo interface
Next by Date: Re: struct ifnet locking [was Re: IFEF_MPSAFE]
Previous by Thread: Re: RFC: ipsec(4) pseudo interface
Next by Thread: Re: RFC: ipsec(4) pseudo interface
Indexes:

Home | Main Index | Thread Index | Old Index