Subject: KAME IPv6/IPsec kit for NetBSD
To: None <netbsd-announce@netbsd.org>
From: Jun-ichiro itojun Itoh <itojun@kame.net>
List: netbsd-announce
Date: 12/04/1998 12:37:00
(sorry if you've read this on tech-net@netbsd.org)
Hello, this is Jun-ichiro Itoh of KAME project.
We've released our IPv6/IPsec kit for NetBSD 1.3.2, FreeBSD
2.2.7 and BSDI BSD/OS 3.1.
This is our release called "STABLE". STABLE is bi-monthly
"documented" release. We also have weekly SNAP release and
cvsup access as well.
Here some URLs to visit:
http://www.kame.net/
ftp://ftp.kame.net/pub/kame/
If you got any questions please contact core@kame.net (implementers)
or snap-users@kame.net (users mailing list). Thanks!
itojun@kame.net
jun-ichiro itoh
--- supported items, excerpt from http://www.kame.net/project-overview.html
kernel:
* IPv6: working fine for more than two year
* IPsec: transport mode ready, tunnel mode ready only for IPv4
* IKE: home-brew IKE daemon "racoon" being developed
* ATM leased line: ready for IPv4/IPv6
* IPv4-IPv6 TCP relay for border routers: ready
* ALTQ: merged and ready (for KAME/FreeBSD)
http://www.csl.sony.co.jp/person/kjc/software.html
* mobile host support in NDP: ready and working
* laptop: PAO/wildboar ready
wildboar is BSDI pccard support code, it is also from
WIDE project (http://www.wide.ad.jp/)
* SuMiRe IPv4 NAT implementation: ready
* more to come
Userland and others:
* SMTP over IPv6: ready and working well
* POP over IPv6: ready
* ftp over IPv6: ready and working well
* tftp over IPv6: ready and working well
* Userland PPP (FreeBSD): ready and working well, with multiprotocol support
* apache6: ready, works as proxy too (both 1.2.x and 1.3.x)
* v4/v6 nameserver: ready and ongoing,
as "newbie" project (http://www.sfc.wide.ad.jp/~doi/softs/)
and bind8 patch
* v4/v6 resolver: ready
* v4/v6 dhcp: planned
* Practical v6 net:
* multihoming: ready and working
* autoconfig: working well for long time
* filter6: ready
* NAT6: we are trying to avoid this
* mozilla6: ready and testing
* routing daemons: following are ready
* route6d: simple and easy ripng daemon
* hroute6d: highly configurable ripng daemon
* bgpd: highly configurable bgp/ripng daemon
* mrt: Multi-threaded routing toolkit from merit
http://www.merit.edu/net-research/mrt/html/
* Zebra routing protocol server
http://www.zebra.org/
* merit gated
http://www.merit.edu/
* what others?
* X11 over IPv6: ready but not tested
* IPv6-ready boot floppy for installation over v6 net:
now testing for FreeBSD
* NFS6: planned
* perl5: ready, with some embedded functions and Socket.pm fixes
* snmp MIB for IPv6: ready, with small set of MIBs
--- changes from 19980930 RELEASE kit to 19981130 RELEASE kit
<<IPv4>>
- Introduced loop prevention mechanism for gif input and output.
<<IPv6>>
- Implemented kernel level multicast forwarding with PIM.
- Introduced loop prevention mechanism for gif input and output.
- Implemented kernel level prefix renumbering mechanism and its API for
the "rrenumd" daemon and the "prefix" command.
- Gif tunnel IPv6 support as outer encapsulation. (was not possible)
- Gif tunnel extension for multiple destination.
(contributed by dwiggins@bbn.com)
- Neighbor discovery code was stabilized.
- ICMPv6 redirect is now working properly.
<<IPv6 API>>
<<IPsec>>
- IPv4 IPsec (both transport and tunnel) was stabilized very much.
- IPsec tunnel now handles path MTU and TCP MSS properly.
- IPv4 options are now properly handled by IPsec code.
- Most of the ESP/AH algorithms is now confirmed to be interoperable with
other implementations.
- The "racoon" IKE daemon was updated for better interoperability.
- Statistics is now properly gathered.
<<Userland>>
- Implemented "pim6dd", a daemon of PIMv2 dense mode for IPv6, to support
IPv6 multicast routing.
- IPv6 hostname with AAAA record, or numarical IPv6 address escaped by [ ],
is supported as proxy server specification for mozilla.
- Implemented the "prefix" command for prefix assignment and renumbering
inside a node.
- Implemented the "rrenumd" daemon for sending router renumbering messages.
- Enhanced the "rtadvd" daemon for receiving router renumbering messages
and renumbering pre-assigned prefixes.
- Resolver was updated to keep binary compatibility with existing
implementations. Namely, struct _res is now kept unchanged from original
bind distribution.
- EPSV/EPRT support for FAITH TCP translator.
- "tcpdump" is now able to chase IPv6 header chain and to analyze IPsec
related packets.
- IPv6-ready logwtmp() and skeyaccess() is now supplied (FreeBSD only).
<<Others>>
- Copyright notice was changed. We are now using 3-clause BSD copyright.
- New ports: "apache13", "gated" ("apache" is renamed to "apache12")
- "lynx" security hole fix included into the IPv6-ready ports directory.
(this is a problem with the original "lynx", not the IPv6 patch)
- KAME on NetBSD-pmax is now confirmed to work.