[Openswan Users] Openswan + IPv6 [PATCH]

Ken Bantoft ken at xelerance.com
Thu May 13 07:04:43 CEST 2004


On Wed, 12 May 2004, Mikael Magnusson wrote:

> Hi,
> 
> As a matter of coincident, I was playing with Openswan and IPv6
> today and succeeded in setting up an automatic IPSEC tunnel. Both hosts
> were running Debian unstable. One with kernel 2.4.24 with the backported 
> IPSEC/IPv6 in an User-Mode-Linux process. The other one a regular system with
> kernel 2.6.5. I have tested both host-to-host and host-to-net tunnels,
> and both works.
> 
> I first tried to use Freeswan from Debian unstable, but it had problems with
> negotiating auth algorithms on 2.4.24 UML. 
> 
> Almost all of the work were already done. I only had to define a new
> connection parameter that specifies the address family, and stubs for the
> IPv6 operations in _updown. I haven't added any implementation of the IPv6
> operations since it doesn't seem to be necessary.

I've merged your auto, confread and _updown changes - thanks for the 
patch!

> Maybe the IPv6 modules esp6 and ah6 should be modprobed in
> _startklips. It apparently isn't needed in 2.6, but in 2.4 the kernel
> fails to autoload the module.

Hm, we'll experiment a little here then.

-- 
Ken Bantoft			VP Business Development
ken at xelerance.com		Xelerance Corporation
sip://toronto.xelerance.com	http://www.xelerance.com

The future is here. It's just not evenly distributed yet. 
        -- William Gibson




More information about the Users mailing list