[Openswan Users] NETKEY or ipsec interfaces
Marco Berizzi
pupilla at hotmail.com
Tue May 23 10:43:19 CEST 2006
Tomasz Grzelak wrote:
> Hi!
hi.
> Can you tell me what is better to use, NETKEY or ipsec interfaces?
If you are going to use netkey you should update your
linux kernel to >=2.6.16 and iptables 1.3.5 which will
support the policy match.
> What are adventages and disadventages of both methods?
The only advantage for netkey is that you don't need to
patch the kernel. Netkey also supports ipv6. KLIPS have
virtual interfaces, netkey doesn't.
More information about the Users
mailing list