Date: Tue, 28 Apr 2009 09:33:42 +0300 From: Niki Denev <nike_d@cytexbg.com> To: freebsd-hackers@freebsd.org Subject: Re: IPsec in GENERIC kernel config Message-ID: <2e77fc10904272333j60151a0au2682ae39e201c015@mail.gmail.com> In-Reply-To: <20090427182917.W15361@maildrop.int.zabbadoz.net> References: <49F5B6F8.4040808@melen.org> <49F5F4A6.8050902@freebsd.org> <20090427182917.W15361@maildrop.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 27, 2009 at 9:29 PM, Bjoern A. Zeeb <bzeeb-lists@lists.zabbadoz.net> wrote: > On Mon, 27 Apr 2009, Sam Leffler wrote: > > Hi, > >> Jan Melen wrote: >>> >>> Hi, >>> >>> Again when I compiled a custom kernel just to enable IPsec in the FreeB= SD >>> kernel it came to my mind why is it so that the IPsec is not enabled by >>> default in the GENERIC kernel configuration file? At least for me the >>> GENERIC kernel configuration would do just fine if the IPsec would be >>> enabled in it by default. Now I have to build a custom kernel just for = IPsec >>> btw IPsec is even mandatory for a host supporting IPv6. >> >> IPsec incurs a performance hit. =A0Fix that and it can be enabled in >> GENERIC. > > There is even a PR for this: > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dconf/128030 > > -- > Bjoern A. Zeeb =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0The greatest ri= sk is not taking one. Hello, Does anyone have any numbers on how much the performance degrades with IPSEC enabled? I'm just curious. Regards, Niki
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2e77fc10904272333j60151a0au2682ae39e201c015>