Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 05 Apr 2002 17:37:31 +0900
From:      Shoichi Sakane <sakane@kame.net>
To:        sam@errno.com
Cc:        freebsd-net@FreeBSD.ORG
Subject:   Re: kame ipsec vs. openbsd ipsec
Message-ID:  <20020405173731D.sakane@kame.net>
In-Reply-To: Your message of "Fri, 05 Apr 2002 17:26:20 %2B0900" <20020405172620N.sakane@kame.net>
References:  <20020405172620N.sakane@kame.net>

next in thread | previous in thread | raw e-mail | index | archive | help
> some people say that OpenBSD has advantage because:

> 	2. because SA is shown as a pseudo interface,

> about 4, we don't like to create a pseudo interface of each SA,
> in particular, when we use IPsec transport mode.  each userland
> process can use individual SA in KAME.  this function is specified by
> RFC2401. when we would choice to implement SA by a interface base,
> how many interface we would need.

i have heard that openbsd have a single interface,
enc0 for only ESP flow.  all of ESP packets are threw to
this interface.  is that right ?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020405173731D.sakane>