> some people say that OpenBSD has advantage because: > 2. because SA is shown as a pseudo interface,
> about 4, we don't like to create a pseudo interface of each SA, > in particular, when we use IPsec transport mode. each userland > process can use individual SA in KAME. this function is specified by > RFC2401. when we would choice to implement SA by a interface base, > how many interface we would need. i have heard that openbsd have a single interface, enc0 for only ESP flow. all of ESP packets are threw to this interface. is that right ? To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
