Re: IPv6/NDP/IPsec breakage in -current

> Am 25.10.2016 um 17:13 schrieb Mike Belopuhov : > > > There are apparently some discussions in infomational RFCs regarding > this issue. For instance https://tools.ietf.org/html/rfc3756 > states: > > More specifically, the

Re: IPv6/NDP/IPsec breakage in -current

> Am 13.10.2016 um 13:06 schrieb Christian Weisgerber : > >> After the second m_makespace(): >> >>+--+-+ +--+ ++-+ >>| IPv6 | ESP | | IPv6 | | ICMPv6 | ESP | >>+--+-+ +--+ ++-+ >> >>

Re: [ipsec routing] IP frame is sent to the wrong IPSEC peer when using srcnat, but should be routed to the network with the most narrow netmask.

On Sat, Aug 27, 2011 at 10:20:38PM +0200, Axel Rau wrote: Am 19.07.2011 um 21:45 schrieb Markus Friedl: All OpenBSD versions should have this problem as it's due to the way how IPsec-flows are encoded in the routing table and I could not find and easy fix. Does this explain, why I

Re: [ipsec routing] IP frame is sent to the wrong IPSEC peer when using srcnat, but should be routed to the network with the most narrow netmask.

I think the problem is that the flow with the most specific source-network wins Am Donnerstag, 28. Juli 2011 um 14:24 schrieb Pawel Wieleba: On Tue, Jul 19, 2011 at 09:33:49PM +0100, Stuart Henderson wrote: On 2011/07/19 21:45, Markus Friedl wrote: All OpenBSD versions should have