Good afternoon, Documentation newbie here, but I've been thinking of updating section 13.7.1 (Configuring a VPN on FreeBSD) of the Handbook for a few reasons, but figured I should touch base here first and make sure I'm not duplicating effort or stepping on any toes.
Motivators: - The existing racoon.conf in the handbook uses a deprecated syntax for remote and sainfo declarations. - It also indicates the use of weak ciphers (3DES and MD5) - It describes setting up an IP-IP tunnel over tunnel-mode IPsec, which is redundant, only need to use one or the other. - Lacks any description of the referenced psk.txt file, which could be confusing for a newcomer With the introduction of IPsec into the GENERIC kernel, I figured it would be good to get this section of the handbook revised a bit. As a side note, I noticed there's a fair amount of use of RFC 1918 space (10/8, 192.168/16, etc) in the Handbook. Is there any interest in revising it to use RFC 5737 space instead? That's dedicated documentation space that is never supposed to be used in a live network. There's a corresponding IPv6 space as well, defined in RFC 3849. Thanks in advance for any input. -- Chip Marshall <[email protected]> http://2bithacker.net/
signature.asc
Description: PGP signature
