Re: example of ipsecif and racoon?

To: Hubert Feyrer <hubert%feyrer.de@localhost>
Subject: Re: example of ipsecif and racoon?
From: Andrew Cagney <andrew.cagney%gmail.com@localhost>
Date: Fri, 27 Sep 2024 16:28:46 -0400

On Fri, 27 Sept 2024 at 16:03, Hubert Feyrer <hubert%feyrer.de@localhost> wrote:
>
> Hi,
>
> does https://www.netbsd.org/docs/network/ipsec/ help?

No (but that does remind me, the example section needs an update).

These are the references I'm using:

https://man.netbsd.org/ipsecif.4
- the msgid can't be manipulated
- the auto-generated policy is implicitly bound to the physical
interface; which is, cough, old school

https://man.freebsd.org/cgi/man.cgi?query=if_ipsec&sektion=4
- the msgid can be manipulated directly
- the auto-generated policy is bound to the ipsecN interface, and not
the physical interface

https://man.openbsd.org/sec
- which doesn't even bother with the policy; presumably it is left to
the IKE daemon which, hopefully, binds it to the ipsec interface

ip link add dev ipsec1 type xfrm dev eth1 if_id 0x1
- again policy is left to the IKE daemon and bound to the ipsec interface

Follow-Ups:
- Re: example of ipsecif and racoon?
  - From: Andrew Cagney

References:
- example of ipsecif and racoon?
  - From: Andrew Cagney
- Re: example of ipsecif and racoon?
  - From: Hubert Feyrer

Prev by Date: example of ipsecif and racoon?
Next by Date: Re: example of ipsecif and racoon?
Previous by Thread: Re: example of ipsecif and racoon?
Next by Thread: Re: example of ipsecif and racoon?
Indexes:

Home | Main Index | Thread Index | Old Index