From: Ari Suutari
Organization: Syncron Tech Oy
To: freebsd-net@freebsd.org
cc: sumikawa@freebsd.org
Date: Wed, 18 Jun 2003 08:26:52 +0300
Subject: Enhancements for racoon

Hi,

I have developed two enhancements for racoon.

The first one is simple support for a 'keepalive' statement in the racoon configuration file, which causes racoon to keep the link up with the remote end even when there is no traffic. It also does this when racoon is started, which is very nice since it also causes an initial-contact notification to be sent to the other end, so possible old SAs are removed and the connection comes up immediately (otherwise it comes up when the side which restarted sends something or the SAs expire, which can take a longer time).

The second one gives more support in environments which have multiple IP addresses on the same interface. It allows selecting which local IP address to use when isakmp packets are sent.

These things are currently under my testing, but I'm going to make them available publicly. Which would be the best approach for this - should I put the patches into the FreeBSD racoon port or maybe pass them directly to the KAME project?

Ari S.
Lappeenranta, Finland