From owner-freebsd-net@FreeBSD.ORG  Fri Jan  5 09:42:50 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 0062A16A412
	for <freebsd-net@freebsd.org>; Fri,  5 Jan 2007 09:42:49 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from smtp.zeninc.net (reverse-25.fdn.fr [80.67.176.25])
	by mx1.freebsd.org (Postfix) with ESMTP id B4E8C13C455
	for <freebsd-net@freebsd.org>; Fri,  5 Jan 2007 09:42:49 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: by smtp.zeninc.net (smtpd, from userid 1000)
	id 18DDE3F17; Fri,  5 Jan 2007 10:42:48 +0100 (CET)
Date: Fri, 5 Jan 2007 10:42:47 +0100
From: VANHULLEBUS Yvan <vanhu_bsd@zeninc.net>
To: freebsd-net@freebsd.org
Message-ID: <20070105094247.GA29706@zen.inc>
References: <20070103080704.GA486@zen.inc>
	<20070103095404.42189.qmail@web51909.mail.yahoo.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20070103095404.42189.qmail@web51909.mail.yahoo.com>
User-Agent: All mail clients suck. This one just sucks less.
Subject: Re:   NAT Taversal bug in kernel patch ?
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2007 09:42:50 -0000

On Wed, Jan 03, 2007 at 01:54:04AM -0800, ashoke saha wrote:
> yes, i also did my own pvt patch . i think PFKEY needs
> to be modified for scalability . We should be able to
> send multiple commands, SPIs, policy id and different
> actions for each etc.

Some kind of "PFKeyV3" would allow such changes, and would also have
another advantage: standardization of lots of common extensions.

But it would be a really heavy work to do that, and I guess IETF
people will answer something like "ike is dead, ikev2 is the
future"....



Yvan.

-- 
NETASQ
http://www.netasq.com