[Openswan dev] Linux VPN
Goshen, Ido (Ido)
igoshen at avaya.com
Thu Jun 30 17:29:04 CEST 2005
Hi,
I'm interested in installing VPN into Linux system.
I have some concerns:
1. IPSEC and QoS -
Is there a way to prevent QoS from reordering of IPSEC packets?
Disordering of packets is critical to IPSEC
If understand correctly (probably not) IPSEC handling is done within POST_ROUTING.
Traffic-shaping queues are attached to a device, which is done afterward.
2. IPSEC policy per interface.
Can packet be matched upon their in/out interface ?
I haven't seen that interface can be specified in any method of setting IPSEC rules
(e.g. spdadd in 2.6 native ipsec, or ipsec auto -add in KLIPS of OpenSwan)
Thanks,
- Ido Goshen,
Avaya communications
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20050630/a834f9b3/attachment.htm
More information about the Dev
mailing list