From owner-freebsd-stable Mon Jul 17 20:20:27 2000 Delivered-To: freebsd-stable@freebsd.org Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by hub.freebsd.org (Postfix) with ESMTP id E47C837B93F for ; Mon, 17 Jul 2000 20:20:22 -0700 (PDT) (envelope-from touch@ISI.EDU) Received: from isi.edu (ras01.isi.edu [128.9.176.101]) by boreas.isi.edu (8.9.3/8.9.3) with ESMTP id UAA29194; Mon, 17 Jul 2000 20:20:09 -0700 (PDT) Message-ID: <3973C882.8FD3C1E0@isi.edu> Date: Mon, 17 Jul 2000 20:01:22 -0700 From: Joe Touch X-Mailer: Mozilla 4.73 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en,pdf MIME-Version: 1.0 To: itojun@iijlab.net Cc: snap-users@kame.net, Lars Eggert , stable@freebsd.org, xbone@ISI.EDU, touch@ISI.EDU Subject: Re: (KAME-snap 2942) Re: KAME/FreeBSD-stable merge References: <14186.963868537@coconut.itojun.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG itojun@iijlab.net wrote: > > >> is there any reason why the (misnamed, but that's another issue) XBONEHACK > >> option was eliminated during the recent KAME/FreeBSD-stable merge? (File > >> /usr/src/sys/net/if_gif.c.) It took us a while to get this added to KAME, > >> and we'd really like to see it merged into FreeBSD. > > - it does not seem like a common option to me (it is just a quickhack > for supporting special need at xbone project, which could have been > handled as local patch), and it does not seem to me good for > integrating into freebsd-current/releases The 'hack' restores general functionality. The current KAME code does not support multiple tunnels between two hosts on a single interface. This restores that capability, which is required for setting up different overlay networks which use the same pairs of hosts. Such capability would be required for a 6-bone and a manually-configured IPSEC tunnel, supporting two separate overlays which both use tunnels between the same two hosts. This is a requirement of multiple overlapping overlays (which have many uses). The X-Bone is just a system that makes such overlays easier to deploy; we don't do anything that can't or wouldn't be done by a reasonable network administrator today. > - support issues (who handles questions about it? i don't want to) We would be happy to. We would also be glad to discuss further with you the issue of decapsulation of these packets, especially how to best determine the virtual interface number to put in the 'recvif' field. Joe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message