Site Navigation

Date:      Tue, 01 May 2001 12:08:47 -0700
From:      Lars Eggert <larse@ISI.EDU>
To:        Gunther Schadow <gunther@aurora.regenstrief.org>
Cc:        snap-users@kame.net, freebsd-net@freebsd.org, ipfilter@coombs.anu.edu.au, altq@csl.sony.co.jp
Subject:   Re: The future of ALTQ, IPsec & IPFILTER playing together ...
Message-ID:  <3AEF09BF.9F9A7BAB@isi.edu>
References:  <3AEEEE79.8F7CC7B0@aurora.regenstrief.org> <3AEEF26B.C6850070@isi.edu> <3AEEF59D.3D5622DE@aurora.regenstrief.org> <3AEEFA06.BA0EB9FD@isi.edu> <3AEF0452.C2FD2651@aurora.regenstrief.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]
Gunther Schadow wrote:
> Another unknown to me is whether the GIF tunnel will copy
> the TOS bits into the wrapper, and so, I can't use ALTQ at all.

If it does not currently, this, at least, should be simple to add.

> I just hope that in the future we will end up with a *consistent* set
> of firewall, IPsec, and QoS networking facilities that can all play
> together happyly and that can be managed at one point. I can see how
> this could be done in two ways:

VPNs took a while to understand and deploy for basic cases, and you're
trying to apply pretty advanced stuff to them - there's bound to be some
friction. The KAME guys do an amazing job with their networking stack,
but their focus just isn't QoS over VPNs, it's IPv6 and IPsec deployment
AFAIK. KAME is designed well enough to get you basic VPN functionality
for free, but integration and combination testing with all these more
exotic networking features eats up a lot of time. That's what we're for
(wanting to use these things over VPNs :-). And the KAME people are
extremely helpful and accessible when it comes to getting bug fixes (or
feature-enabling mods) into their tree.

Lars
-- 
Lars Eggert <larse@isi.edu>               Information Sciences Institute
http://www.isi.edu/larse/              University of Southern California
[-- Attachment #2 --]
0�#	*�H��

��0�

10	+0	*�H��


���0��0�A�
#0
	*�H��


0��10	UZA10UWestern Cape10UDurbanville10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 1999.9.160
000824203008Z
010824203008Z0T10
UEggert1
0U*Lars10ULars Eggert10	*�H��

	

larse@isi.edu0��0
	*�H��



��0�����\�p�9޻� H;�����v��֐�r��∩6��"C?mxf�J��f��7��
��I��[���3C�F�́�L	I
�-�����zHR���VA怤
2�]0-b��L�)���%X>�n�Ӆ

�w0u0*+e

!0
00
L2uMyffBNUbNJJcdZ2s0U0�
larse@isi.edu0U

�00U#0����`�fU��X�F�a�#�Ì0
	*�H��


����_3��	��F�=%nW�Y-HXD�9�UO���c�6�ܰ�w�f�@u�ܶ�NԄR?��P�r}����E��1�֮2�3�������mF�h�ySwM_h|d y����R�����=��$�P ����0�0�}�

0
	*�H��


0��10	UZA10UWestern Cape10U	Cape Town10U
Thawte Consulting1(0&UCertification Services Division1$0"UThawte Personal Freemail CA1+0)	*�H��

	
personal-freemail@thawte.com0
990916140140Z
010915140140Z0��10	UZA10UWestern Cape10UDurbanville10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 1999.9.160��0
	*�H��



��0�����iZ���z��]�!�#r�LK�~����r$�BR�W��{az���r98����e��^��e���yvL>�hpu��t�,O	1��A�rƦ]�D��.�M��օ>l�x�~@�эW��s�0�F�O

�7050U

�0

�
0U#0�rI�s4�U�vr�~w��Ʋ0
	*�H��


��k�Y�1�����rr��`H��U�{�g��ap�m¥7؝�(V��\uoƑ��lfq�|k�o��!6-���	��-mƃR����������t��\���~��
orzg,ks�����n���c)�	~U�1�
�0�
�

0��0��10	UZA10UWestern Cape10UDurbanville10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 1999.9.16#0	+���0	*�H��

	1	*�H��


0	*�H��

	1
010501190847Z0#	*�H��

	1�|k!l��"�ڊ��@r250R	*�H��

	1E0C0
*�H��
0*�H��
�0+0
*�H��

@0
*�H��

(0
	*�H��



��r�rT�m�8�Q�ep����ygt����Z>Zq�d�4�����#gӆ
�QSN�Ȓ��o��aE�:�D������]���)dLA�b2Tޝv�e0*<Mx���
q��	�����
���c9��

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AEF09BF.9F9A7BAB>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact