Date: Thu, 20 Jul 2017 22:32:58 +0000 From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: "Kajetan Staszkiewicz" <vegeta@tuxpowered.net> Cc: "FreeBSD Net" <freebsd-net@freebsd.org> Subject: Re: IPsec tunnel mode with gif Message-ID: <699EB97F-7235-4B1C-9C67-601CA89A4125@lists.zabbadoz.net> In-Reply-To: <1865385.GS045ia5gu@energia> References: <1865385.GS045ia5gu@energia>
next in thread | previous in thread | raw e-mail | index | archive | help
On 20 Jul 2017, at 22:02, Kajetan Staszkiewicz wrote: > Yet for a reason beyond my understanding FreeBSD handbook proposes a > 3rd mode: > using a GIF tunnel together with IPSec tunnel mode. I really don't > understand > how is that supposed to work. People On The Internet also seem not to > be able .. > Am I wrong? Or is the Handbook wrong? The handbook is outdated and I think what you are referring to is from the early days of the IPv6/IPsec stack implementation times probably during FreeBSD 4. What you are doing (gre/gif inside transport mode to possibly get a link-state change as well, or BGP over transport mode directly is both fine. I think the short answer: updates to the handbook would be very welcome! /bz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?699EB97F-7235-4B1C-9C67-601CA89A4125>