From owner-freebsd-stable Fri Nov 22 7:14:25 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2D2BD37B401 for ; Fri, 22 Nov 2002 07:14:24 -0800 (PST) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id A1EC243EAF for ; Fri, 22 Nov 2002 07:14:23 -0800 (PST) (envelope-from kudzu@tenebras.com) Received: (qmail 33224 invoked from network); 22 Nov 2002 15:14:22 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 22 Nov 2002 15:14:22 -0000 Message-ID: <3DDE49CD.3010709@tenebras.com> Date: Fri, 22 Nov 2002 07:14:21 -0800 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en, fr-fr, ru MIME-Version: 1.0 To: Helge Oldach Cc: Archie Cobbs , guido@gvr.org, dkelly@hiwaay.net, hausen@punkt.de, sullrich@CRE8.COM, greg.panula@dolaninformation.com, FreeBSD-stable@FreeBSD.ORG Subject: Re: IPsec/gif VPN tunnel packets on wrong NIC in ipfw? SOLUTION AND QUESTIONS References: <200211220827.gAM8RNYD090720@sep.oldach.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Has anyone mentioned UDP Encapsulation of IPsec Packets, draft-ietf-ipsec-udp-encaps-04.txt ? There, I've done it. You may not find it helpful or relevant... I'm inclined to agree with the earlier assessment of the problem being one that derives from an "interface-centric" solution. The only thing to recommend Kame/Racoon/Blodge is that it exists, IMO. This is compelling enough to use it, but not love it. Shouldn't EVERYTHING be done via a divert daemon? ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message