On Mon, 16 Jan 2012, Nasir Bhutta wrote:
Hi, We are working on a project where we need to modify the IPsec behaviour in
linux kernel by programming..
We shall have to modify program for actual IPsec working, ESP Header, SPD and
SAD databases access working ...
I am wandering for following information:
1- What are the current linux IPsec implementations in different Linux
flavours: (Ubuntu, Fedora, Chrome Linux etc).
2- Any further information (technical documentation) can be find on technical
implementation of IPsec.
NETKEY is the BSD/KAME based stack with NETLINK/XFRM for Linux. This is
in the default linux tree.
KLIPS is the freeswan/openswan based stack with PFKEY. It is not in the
default linux tree, but kmod packages and ubuntu deb packages exist.
both stacks have different levels of support for acceleration using
multiple CPUs and different vendor support.
Apparently there is some userspace stack too that people are working on
porting, see the [email protected] mailing list.
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
