From owner-freebsd-hackers@freebsd.org Wed Aug 1 13:15:49 2018 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3214D105BF3E for ; Wed, 1 Aug 2018 13:15:49 +0000 (UTC) (envelope-from christian.mauderer@embedded-brains.de) Received: from dedi548.your-server.de (dedi548.your-server.de [85.10.215.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AEC4F737EA for ; Wed, 1 Aug 2018 13:15:48 +0000 (UTC) (envelope-from christian.mauderer@embedded-brains.de) Received: from [88.198.220.130] (helo=sslproxy01.your-server.de) by dedi548.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.85_2) (envelope-from ) id 1fkqyZ-0001Lz-SP for freebsd-hackers@freebsd.org; Wed, 01 Aug 2018 15:15:39 +0200 Received: from [82.135.62.35] (helo=mail.embedded-brains.de) by sslproxy01.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1fkqyZ-0006kK-Kv for freebsd-hackers@freebsd.org; Wed, 01 Aug 2018 15:15:39 +0200 Received: from localhost (localhost.localhost [127.0.0.1]) by mail.embedded-brains.de (Postfix) with ESMTP id 388952A1685 for ; Wed, 1 Aug 2018 15:15:55 +0200 (CEST) Received: from mail.embedded-brains.de ([127.0.0.1]) by localhost (zimbra.eb.localhost [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id FwsKQsZ54o7K for ; Wed, 1 Aug 2018 15:15:54 +0200 (CEST) Received: from localhost (localhost.localhost [127.0.0.1]) by mail.embedded-brains.de (Postfix) with ESMTP id 695522A1686 for ; Wed, 1 Aug 2018 15:15:54 +0200 (CEST) X-Virus-Scanned: amavisd-new at zimbra.eb.localhost Received: from mail.embedded-brains.de ([127.0.0.1]) by localhost (zimbra.eb.localhost [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id MsC8NQqgnxC9 for ; Wed, 1 Aug 2018 15:15:54 +0200 (CEST) Received: from [192.168.96.177] (unknown [192.168.96.177]) by mail.embedded-brains.de (Postfix) with ESMTPSA id 131782A1685 for ; Wed, 1 Aug 2018 15:15:54 +0200 (CEST) From: Christian Mauderer Subject: Configuration for IPSec Loop-Back Test Openpgp: preference=signencrypt Autocrypt: addr=christian.mauderer@embedded-brains.de; prefer-encrypt=mutual; keydata= xsFNBFLXhAQBEACrTfMX2lFXJlA7pmoCXwz4jSRCfCOcgRRcvPxiw/Kb5ky2aG1OvFezra62 zysQQllygJdyRqBzOj0R/t8xtncR8D3MIUyLe71hpFzSOEkaC7w+cJOHLoAynV1zHpvBJ9k0 +d0ukL/mdGKwGOiI5JvKP/jxC/kHDedMr+RuHeWvwwYfYw3HgUURTBZXwl+9nzDXYAoSkt6e Lw4LK4gPAMNSg5bp9zg2oiLVH1Mc+UDiG3a11atxInuhBwCnVrvEbM4cDfaXxQwPOPnR83lV qPlcd/ggs8x5POpSYHqGWXFMkL8QcPHQQkyb+fmeo0UqKPH0n7SFs+tSkhwbpo5KtfvY5P7A KiDnKFoAg1PQn66ILd4yglt9w/F3RbDPDRp4+XGjajd5gc1IKap610Lna/ueO0Gd2Y1b/PDO njN7u7eNgwNuhbNQtTqvlItmkqx0wSbTWPC7uO1gl76VBksaXKrnrQDBiS0gOd7y0OIfd7VO TEE2ABo8iLiln1r5CN5jBhxxt7J8WMrfSI10UhREJtOWFy7c6UamDSUCdlzbakFCFY7E4CFu ipyCjQr5yBNmd5TPtJCL4KCWls4tVWDZWtBrI+BXGKMGzPO3UiPkT5T8zvlViVmTIdbrucgs 02LsSDbROOQrigXJWieiUexjajocmuRaXBZqxTu3jYS4+Ijf/wARAQABzTpDaHJpc3RpYW4g TWF1ZGVyZXIgPGNocmlzdGlhbi5tYXVkZXJlckBlbWJlZGRlZC1icmFpbnMuZGU+wsF/BBMB AgApBQJS14QEAhsjBQkJZgGABwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQPZabD0IS fb09lQ/8CZrerI5CcF+FHx40FL0LqnFZcJ88UhqVCCc0LlsDUWLzbvbkQgiAiHoIc9AfDRhT sECeg3BMFIXEnIzNuOD0Yr6XvUSUvdo2I5VuEkGB3tX6u86KlLHCCTfi5qiy2CbeaLCEO1+D 0/09SGNZL4fWUXLmGVjPR4cbgkwbG7Hl8P9WXH/n9EHfI10/Mbj2Y+eH4WcKnumrkup0OHfk 3rjKYmbWqxyZv9oGf+AOeyTbZ59EhX2/M2+7GuuKqiggN+1oQpXyec63dvqr0YGBmkU87qEG 4ncugVXaFf+B6ILPEOgROuZwT+xK3RrNroCmjqQXeMhN8lQ0kyrcavDmqk6ovEjF2EM8cUis NuYJEwmx6YMzvfTzMuX4kLJgW+zIz+Dz9hLX9Bqeey5O5xCJVLUXOYe8snEsMy84aE1H9n/6 /zCqXwHcvLjf9nDiOMLBiwFOQyRPwfAxcyvqE9ynsAFP4sRKod4pkrOG1CeRdNtAz/92hhCN sP9FOqst85yQOPfpN/tJzlkHbTOhuAFAypBk0pZIAtiRKO+vw2VSP3BeGXRZjgQ1/ElZ0CVC xFwEB4Qfo++ClMkREquy1GdvLaZ7Gex850ptv3Uur1oLm4yu9jbuWZUQTR9dqa4RBUBKIctw fwhAq8k2GMOa33gYUWVK0l1cH8xqqpj5QONmyrNApQbOwU0EUteEBAEQAMuuzztQKBR3vsQG UGzXHps5c3l5HzvZ9uR4qBem1IWM9TGMUcRKbcPf+hmVzZIV5gkV1B/1B+h90GhEGATpbYE6 OdoCB6vlpc/aXjOVc921TqJ4jDM8iYfl0CIDC7EHBUPCsza8rMJYo4QH3noWc5UxW+ceW4ue luYK5CSCqbDhjguoZjCaVB2NkPZKSsjGmhx7Rw0JVSivdhPStQ41y2W+azSwNlEsmQkCQW9i xHEjRW1RLVDROj1robqHArLNwI0/SySmebSKJRQ8IpG0iSyivZ5ibnyLvjri2n87AUBVGv/u CtbWsA7oIwF4VlknKUJwDraPs798Ig06lFjz6WsjEa0BZjmDPBjkHZEqbbBI0h/Zmqo7AOrU iBefxJRDKjzQRHe3srJWr0TK/U4Lxmv1cMnF3U8sBJSM9TOfMF6QLjL92AQsX6SZEno6tzBg 3PkLwbxoC1rHFRVRsLfPercynpuIv5jaUDTKf5TqW2T8hCXJshcgSNb9l5JiNdj1PyqC7+2D k2I2/Ts9LkQRHQIAflxyshcjeBubUnIwR70AYvgMF12tQC6ZeW1HVCk8P/SBk78f9+T8SEws MPJL7td8iE4sbEhyzl9dKN3ols85tZeHTsSo3r8s6MoAjq876SvpslEcuQp+6tyOgsORv/nZ KaU7TiPMk6FCtGvB26FlABEBAAHCwWUEGAECAA8FAlLXhAQCGwwFCQlmAYAACgkQPZabD0IS fb1Ztg//S78bHPvMneb7HrA1deOBultlOIlb07ntz9nIdLo6VHIulc9t5RA4KWLTR927H52k zaTIf+ingyRGSSx9glQZ/9unNL8QQVE5TY/Hvzdl+y05189qQwsMyIIx16g8HN2h7dhIunuG 1HSK5bPlbD7yC8+Az3ICdMPr2kh/0rOJEqtQF4ySH/FLXGlbTGRnhOcLtSwK3rAacm9HCPNq muPHQoVT/goDbWMXjBp/dr/AOMYLDUS5lEJuGN8kKajQ4YWUZAPucNKh7XP8g/1ylnZpu5Mz XolRqDRrbLzWkcCE4fuAlrjyJPo8/Fj9MRvdF4Jf0KMBtd/UnJbyLO9TqWdQ5sp05ZE5SmL6 sjBxekiLLO3VLMeID6X4tY08VItTCbcb/OgkIqoAKOJaPbQQ8QczRfefNkUF7vuLJ8oIcy6O LssMWItO+3FVa4M1GBwrN1O+YWUVzcxbxPCS/1gOfMakfvObIFsexNZCJZRUeeYGSNnSJGON ajRod+BAC+CQQFqA4f3cdwpNTmUiiP4hAyb+dKNdgpTPNKFsouwDHsN/d2xXQqOh8CBMwndf NSGVW0B2n9YtXgW+LYcUd/3o4Ei/lYy8csG0xZ4RZ70j2Tq8oe5DXpvFcNv4E+vURhFBc5W2 cLTtbgqL8+Roy3aPZDft02dFgZUC1XXGw3C9KoR9rsE= Organization: embedded brains GmbH To: freebsd-hackers@freebsd.org Message-ID: <20127f75-c6d6-463e-046f-3844502f3da9@embedded-brains.de> Date: Wed, 1 Aug 2018 15:15:36 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable X-Authenticated-Sender: smtp-embedded@poldinet.de X-Virus-Scanned: Clear (ClamAV 0.100.0/24802/Wed Aug 1 10:43:37 2018) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Aug 2018 13:15:49 -0000 Hello, I'm working on a port for IPSec and ipsec-tools (racoon, setkey, libipsec) to an embedded operating system (RTEMS). RTEMS uses the FreeBSD network stack via a compatibility layer (rtems-libbsd). I can already create a IPSec connection on some real hardware with some real peer. To prevent regression in a future version, I would like to add a test that would check that the port still works. That test would have to run on a system _without_ a real hardware peer. Therefore I would like to create some IPSec loop back connection. In that case racoon would have to talk to itself because I currently only support one instance. Do you have any hints how I could create such a network? My current thought would be something along a virtual network device (maybe tun?) that can be connected to some other virtual network device via for example a bridge device. Maybe I could then try to configure two gif-devices that would use this tunnel. racoon would have to listen on both devices (maybe on different ports). Currently I have trouble setting this up. Are there any simpler ideas for an IPSec loop back connection that would use most of the stack layers= ? Thanks in advance for every answer. With kind regards Christian Mauderer