From owner-freebsd-net@FreeBSD.ORG Thu Jun 26 17:05:16 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B48F9106567D for ; Thu, 26 Jun 2008 17:05:16 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from shrew.net (206-223-169-85.beanfield.net [206.223.169.85]) by mx1.freebsd.org (Postfix) with ESMTP id 7C1078FC22 for ; Thu, 26 Jun 2008 17:05:16 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from localhost (wm-ca.hub.org [206.223.169.82]) by shrew.net (Postfix) with ESMTP id 59C7A79E2CA; Thu, 26 Jun 2008 12:05:15 -0500 (CDT) Received: from shrew.net ([206.223.169.85]) by localhost (mx1.hub.org [206.223.169.82]) (amavisd-new, port 10024) with ESMTP id 15395-05; Thu, 26 Jun 2008 17:05:14 +0000 (UTC) Received: from hole.shrew.net (cpe-70-113-206-103.austin.res.rr.com [70.113.206.103]) by shrew.net (Postfix) with ESMTP id ED86C79E26A; Thu, 26 Jun 2008 12:05:13 -0500 (CDT) Received: from hole.shrew.net (localhost [127.0.0.1]) by hole.shrew.net (8.14.2/8.14.2) with ESMTP id m5QH5Bcd054466; Thu, 26 Jun 2008 12:05:11 -0500 (CDT) (envelope-from mgrooms@shrew.net) Received: (from www@localhost) by hole.shrew.net (8.14.2/8.14.2/Submit) id m5QH581a054465; Thu, 26 Jun 2008 12:05:08 -0500 (CDT) (envelope-from mgrooms@shrew.net) X-Authentication-Warning: hole.shrew.net: www set sender to mgrooms@shrew.net using -f To: vanhu_bsd@zeninc.net MIME-Version: 1.0 Date: Thu, 26 Jun 2008 12:05:08 -0500 From: mgrooms Organization: Shrew Soft Inc In-Reply-To: References: Message-ID: <30025d295f8077e96bcb3f3a076c8bd1@localhost> X-Sender: mgrooms@shrew.net User-Agent: RoundCube Webmail/0.1-rc1 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit Cc: freebsd-net@freebsd.org, harunaga@harunaga.ru Subject: Re: patch for IPSEC_NAT_T X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: mgrooms@shrew.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jun 2008 17:05:16 -0000 On Thu, 26 Jun 2008 11:51:26 -0500, mgrooms wrote: > > ESP transport with NAT-T may need NAT-OA support, which is not > provided by the actual patch, nor by userland. > I checked in Timos patch for NAT-T original address support into ipsec-tools last December. This will be available in our 0.8 release. http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/ChangeLog.diff?r1=1.139&r2=1.140 I believe we are just missing the kernel bits on FreeBSD. -Matthew