From owner-freebsd-net@FreeBSD.ORG Fri Jun 27 15:06:57 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3F5CA1065684; Fri, 27 Jun 2008 15:06:57 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from proxy.meer.net (proxy.meer.net [64.13.141.13]) by mx1.freebsd.org (Postfix) with ESMTP id 2B2D88FC21; Fri, 27 Jun 2008 15:06:57 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail0.meer.net [209.157.152.14]) by proxy.meer.net (8.14.2/8.14.2) with ESMTP id m5RF6d6s068708; Fri, 27 Jun 2008 08:06:54 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m5RF6LoK017332; Fri, 27 Jun 2008 08:06:21 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from dhcp-75.hudson-trading.com.neville-neil.com (hudson-trading.com [66.150.84.160] (may be forged)) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m5RF6KDV075860; Fri, 27 Jun 2008 08:06:20 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Fri, 27 Jun 2008 11:06:19 -0400 Message-ID: From: "George V. Neville-Neil" To: Julian Elischer In-Reply-To: <4863F479.8010206@elischer.org> References: <48ca67dd60c19f94b4f21bbe88854da7@localhost> <86c7b60b19e63e9188701611ac0f6f17@localhost> <4863F479.8010206@elischer.org> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.11.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Canit-CHI2: 0.50 X-Bayes-Prob: 0.5 (Score 0, tokens from: ) X-Spam-Score: 0.00 () [Tag at 5.00] X-CanItPRO-Stream: default X-Canit-Stats-ID: 793852 - 4029d9ccc652 X-Scanned-By: CanIt (www . roaringpenguin . com) on 64.13.141.13 Cc: freebsd-net@freebsd.org, mgrooms@shrew.net, brooks@freebsd.org Subject: Re: FreeBSD NAT-T patch integration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2008 15:06:57 -0000 At Thu, 26 Jun 2008 12:56:41 -0700, julian wrote: > > I'm planning on committing it unless someone can provide a reason not > to, as I've seen it working, needed it, and have not seen any bad > byproducts. > I'd be interested to know how you tested it. NAT-T and IPsec are non-trivial protocols/subsystems that can have far reaching impacts on the network stack. Also, are you planning to maintain it after committing it? The biggest problem with NAT-T hasn't been the code, it's been that the author, who is doing a great job on the code, has been too busy to maintain it anywhere but at work. That is not a slam on the person or the code, I have the highest respect for both, but it reflects and important reality of the situation. Unless you're stepping up to maintain it as well as commit it I think it should not be committed. I know the Bjoern has been working hard to pick up the IPsec stuff in his free time, and I value his input on this subject quite a bit. Best, George