> From: Sam Leffler [mailto:[EMAIL PROTECTED] > On Apr 24, 2004, at 11:24 AM, Mike Tancsa wrote: > > At 12:56 PM 24/04/2004, Sam Leffler wrote: > >> On Apr 24, 2004, at 9:03 AM, Oldach, Helge wrote: > >> > >>> Hi list, > >>> > >>> this is a month-old mail about the lack of a FAST_IPSEC feature > >>> compared to legacy IPSEC. Including a working patch. I haven't > >>> seen this being > >>> committed, or is it? Please also MFC to STABLE. > >> > >> The fix was not quite right for -current (where it needs to go in > >> first). I sent out the attached patch for testing but received no > >> feedback. Until I can get it tested and committed to -current it > >> won't be MFC'd. > > > > We dont run -current here, so I dont have anything to test it on. > > Also, due to the bugs in the driver with HiFn 7955, we have had to > > abandon FAST_IPSEC :( > > Running FAST IPSEC w/o h/w crypto is still faster than KAME > IPsec. See the results in my BSDCon paper.
Yes, but still the net.key.preferred_oldsa issue hits, which is what this thread is about. FAST_IPSEC is great, but unfortuantely useless for me without this... Sorry for beating this topic again. Unfortunately, like Mike, I don't have a -current system around. Maybe someone with a -current box can test? Helge _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
