Date: Tue, 28 Apr 2009 09:33:42 +0300 From: Niki Denev <nike_d@cytexbg.com> To: freebsd-hackers@freebsd.org Subject: Re: IPsec in GENERIC kernel config Message-ID: <2e77fc10904272333j60151a0au2682ae39e201c015@mail.gmail.com> In-Reply-To: <20090427182917.W15361@maildrop.int.zabbadoz.net> References: <49F5B6F8.4040808@melen.org> <49F5F4A6.8050902@freebsd.org> <20090427182917.W15361@maildrop.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 27, 2009 at 9:29 PM, Bjoern A. Zeeb <bzeeb-lists@lists.zabbadoz.net> wrote: > On Mon, 27 Apr 2009, Sam Leffler wrote: > > Hi, > >> Jan Melen wrote: >>> >>> Hi, >>> >>> Again when I compiled a custom kernel just to enable IPsec in the FreeBSD >>> kernel it came to my mind why is it so that the IPsec is not enabled by >>> default in the GENERIC kernel configuration file? At least for me the >>> GENERIC kernel configuration would do just fine if the IPsec would be >>> enabled in it by default. Now I have to build a custom kernel just for IPsec >>> btw IPsec is even mandatory for a host supporting IPv6. >> >> IPsec incurs a performance hit. Fix that and it can be enabled in >> GENERIC. > > There is even a PR for this: > http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/128030 > > -- > Bjoern A. Zeeb The greatest risk is not taking one. Hello, Does anyone have any numbers on how much the performance degrades with IPSEC enabled? I'm just curious. Regards, Niki
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2e77fc10904272333j60151a0au2682ae39e201c015>