>> >>>> Comments?
>> >>>	i don't think such complexity is not needed.  you just need to
>> >>>	cleanup fast-ipsec m_aux on the call to if_output, that's all you
>> >>>	need to do.
>> >> Other users of the packet-tag API disagree.
>> >
>> > 	who are they?
>>
>> He's pimping for me.  In FreeBSD tags are used for more than just data
>> that  expire once an mbuf chain hits an interface.  Think of this data
>> as an  extension of m_pkthdr.  What's been presented is a (hopefuly)
>> simple  compromise that allows us to better cooperate going forward.
>
> 	even in NetBSD m_tag are used not just for ipsec but also other purposes
> 	(VLAN for instance).  however that does not back up his proposal of
> 	removing m_tag in if_loop.c.  m_tag removal has to be implemented in
> 	proper place under fast-ipsec's responsibility, not in if_loop.c
> 	(it is not if_loop's responsibility to clean up garbage for you).

I thought this was a discussion of why "persistent tags" were needed.  I 
have no argument that fast ipsec or any other user should remove their own 
tags before they hit if_loop (as appropriate).

	Sam