From owner-freebsd-current@FreeBSD.ORG  Thu Aug 16 20:44:01 2007
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B0E9C16A41B
	for <freebsd-current@freebsd.org>; Thu, 16 Aug 2007 20:44:01 +0000 (UTC)
	(envelope-from gallatin@cs.duke.edu)
Received: from duke.cs.duke.edu (duke.cs.duke.edu [152.3.140.1])
	by mx1.freebsd.org (Postfix) with ESMTP id 7163713C4B3
	for <freebsd-current@freebsd.org>; Thu, 16 Aug 2007 20:44:01 +0000 (UTC)
	(envelope-from gallatin@cs.duke.edu)
Received: from grasshopper.cs.duke.edu (grasshopper.cs.duke.edu [152.3.145.30])
	by duke.cs.duke.edu (8.14.0/8.14.0) with ESMTP id l7GKi0qX008593
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Thu, 16 Aug 2007 16:44:00 -0400 (EDT)
Received: (from gallatin@localhost)
	by grasshopper.cs.duke.edu (8.12.9p2/8.12.9/Submit) id l7GKhWS7002007; 
	Thu, 16 Aug 2007 16:43:32 -0400 (EDT) (envelope-from gallatin)
From: Andrew Gallatin <gallatin@cs.duke.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <18116.46859.409749.756304@grasshopper.cs.duke.edu>
Date: Thu, 16 Aug 2007 16:43:32 -0400 (EDT)
To: "Kip Macy" <kip.macy@gmail.com>
In-Reply-To: <b1fa29170708161310o5578bbc6s7b2149f9b33d3507@mail.gmail.com>
References: <18116.43755.107638.103132@grasshopper.cs.duke.edu>
	<b1fa29170708161253q6c96f8b7k6fd807b93460fd02@mail.gmail.com>
	<b1fa29170708161256v281889bcka9325164c1242d9d@mail.gmail.com>
	<18116.44624.144286.621286@grasshopper.cs.duke.edu>
	<b1fa29170708161310o5578bbc6s7b2149f9b33d3507@mail.gmail.com>
X-Mailer: VM 6.75 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid
Cc: freebsd-current@freebsd.org
Subject: Re: IPSEC disables TSO
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Aug 2007 20:44:01 -0000


Kip Macy writes:
 > >
 > > Yes, exactly, there needs to be a smarter test that can distingiush if
 > > IPSEC is actually in use on a connection or not; I should have been
 > > more clear about this.  The problem is that I have zero knowledge
 > > about IPSEC, so I have no idea how to do this.
 > >
 > > I'm worried that people will compile IPSEC into the kernel to run an
 > > encrypted tunnel (or the TCP MD5 signature stuff for BGP), and
 > > then be rather surprised that their their "normal" TCP performance
 > > stinks.
 > 
 > Maybe file it as a PR?

Good idea.

http://www.freebsd.org/cgi/query-pr.cgi?pr=115586

Drew