Subject: Re: RFC 2385
To: Andrew Brown <atatat@atatdot.net>
From: David Maxwell <david@crlf.net>
List: tech-net
Date: 05/31/2003 12:39:39
On Sat, May 31, 2003 at 10:29:25AM -0400, Andrew Brown wrote:
> >I don't see any support for RFC 2385 in our kernel. Has anyone done
> >it, or tried it? I'd be interested in hearing about either; I may try
> >to hack it in there myself someday if no implementations exist....
>
> it's early in the morning for me and the coffee isn't ready yet, so my
> brain isn't willing to help my very much. can you tell me what this
> does that ipsec doesn't do and/or what problem is solves that ipsec
> does not?
It's part of the BGP spec - as an optional configuration on connections
to peers, so it's useful for running a BGP router on NetBSD.
I know a couple of developers have implemented it for their daytime
jobs, but the code didn't make it back into the tree (mostly time issue,
also maybe some intprop ownership issues, I think).
--
David Maxwell, david@vex.net|david@maxwell.net --> Unless you have a solution
when you tell them things like that, most people collapse into a gibbering,
unthinking mass. This is the same reason why you probably don't tell your
boss about everything you read on BugTraq! - Signal 11