[Openswan Users] klips stability & kernel versions
Paul Wouters
paul at xelerance.com
Sat Jul 8 06:30:44 CEST 2006
On Fri, 7 Jul 2006, Gary W. Smith wrote:
> You have a very good point here. I have had the same complaint with the
> netfilter group where they would say "It works for me". When asked what
> version they refer the some nightly build last week.
>
> I think that a lot of people miss that people use these in controller
> production environments where this isn't practical or possible to keep
> changing kernels every day.
>
> Anyway, it would be nice for the builders to also include the kernel for
> which it was built/tested on.
Most of the unstability comes from changes to the kernel, not changes in
Openswan userland or KLIPS. Sadly, the kernels as of 2.6.12+ have all seen
radical networking changes, and we keep having to play catch up.
Running a 2.6.16.x or 2.6.15.x is just not a very good idea for any production
system. These are not even "full releases".
A lot of our production servers are now based on xen, and we are running 2.6.11-xenu
on those. But we also have 2.6.12 kernels from FC3 with NETKEY, and 2.4.32. The
daily regression test currently uses 2.6.15.2. Some of our own embedded VPN devices
run 2.6.12.
Paul
More information about the Users
mailing list