NAT Taversal bug in kernel patch ?

[VANHULLEBUS Yvan]

On Wed, Jan 03, 2007 at 01:54:04AM -0800, ashoke saha wrote:
> yes, i also did my own pvt patch . i think PFKEY needs
> to be modified for scalability . We should be able to
> send multiple commands, SPIs, policy id and different
> actions for each etc.

Some kind of "PFKeyV3" would allow such changes, and would also have
another advantage: standardization of lots of common extensions.

But it would be a really heavy work to do that, and I guess IETF
people will answer something like "ike is dead, ikev2 is the
future"....



Yvan.

-- 
NETASQ
http://www.netasq.com