From owner-freebsd-net@FreeBSD.ORG  Tue Dec  2 02:22:13 2008
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4D3781065678
	for <freebsd-net@freebsd.org>; Tue,  2 Dec 2008 02:22:13 +0000 (UTC)
	(envelope-from jiabwang@redhat.com)
Received: from mx2.redhat.com (mx2.redhat.com [66.187.237.31])
	by mx1.freebsd.org (Postfix) with ESMTP id 3E0808FC19
	for <freebsd-net@freebsd.org>; Tue,  2 Dec 2008 02:22:13 +0000 (UTC)
	(envelope-from jiabwang@redhat.com)
Received: from int-mx2.corp.redhat.com (int-mx2.corp.redhat.com [172.16.27.26])
	by mx2.redhat.com (8.13.8/8.13.8) with ESMTP id mB22MD3m017032
	for <freebsd-net@freebsd.org>; Mon, 1 Dec 2008 21:22:13 -0500
Received: from ns3.rdu.redhat.com (ns3.rdu.redhat.com [10.11.255.199])
	by int-mx2.corp.redhat.com (8.13.1/8.13.1) with ESMTP id mB22MCWc018814
	for <freebsd-net@freebsd.org>; Mon, 1 Dec 2008 21:22:12 -0500
Received: from [10.66.65.20] (dhcp-65-20.nay.redhat.com [10.66.65.20])
	by ns3.rdu.redhat.com (8.13.8/8.13.8) with ESMTP id mB22MBx8010599
	for <freebsd-net@freebsd.org>; Mon, 1 Dec 2008 21:22:11 -0500
Message-ID: <49349C00.5080902@redhat.com>
Date: Tue, 02 Dec 2008 10:22:56 +0800
From: wang_jiabo <jiabwang@redhat.com>
User-Agent: Thunderbird 2.0.0.14 (X11/20080515)
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.58 on 172.16.27.26
Subject: [ipsec] why did not freebsd6.3 support icmp6 echo request on tunnel
 mode ? it is ok on transport mode.
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Dec 2008 02:22:13 -0000

Hello, all:
the following configuration is my setkey info. when I run " setkey -f 
filename", system report "the result of line 4 :Invalid argument.
the result of line 6 : Invalid argument."
change "icmp6 128,0" to "icmp6 or any" , that is no problem .
or change "tunnel" to "transport" , that is no problem.
I do not know why , but the following configuration is no problem on 
RHEL5.2
that FreeBSD6.3 need patch ?
could you give me explain

Thank you very much


flush;
spdflush;
add 3ffe:501:ffff:103:20a:ebff:fe85:9e56 
3ffe:501:ffff:104:21d:fff:fe19:59fc esp 0x2000 -m tunnel -E 3des-cbc 
"ipv6readylogo3des1to2req" -A hmac-sha1 “ipv6readysha11to2req”;
spdadd 3ffe:501:ffff:103:20a:ebff:fe85:9e56 
3ffe:501:ffff:104:21d:fff:fe19:59fc icmp6 128,0 -P in ipsec 
esp/tunnel/3ffe:501:ffff:103:20a:ebff:fe85:9e56-3ffe:501:ffff:104:21d:fff:fe19:59fc/require; 

add 3ffe:501:ffff:104:21d:fff:fe19:59fc 
3ffe:501:ffff:103:20a:ebff:fe85:9e56 esp 0x1000 -m tunnel -E 3des-cbc 
"ipv6readylogo3des2to1req" -A hmac-sha1 “ipv6readysha12to1req”;
spdadd 3ffe:501:ffff:104:21d:fff:fe19:59fc 
3ffe:501:ffff:103:20a:ebff:fe85:9e56 icmp6 128,0 -P out ipsec 
esp/tunnel/3ffe:501:ffff:104:21d:fff:fe19:59fc-3ffe:501:ffff:103:20a:ebff:fe85:9e56/require;