FreeBSD NAT-T patch integration
George V. Neville-Neil
gnn at neville-neil.com
Fri Jun 27 15:06:57 UTC 2008
At Thu, 26 Jun 2008 12:56:41 -0700,
julian wrote:
>
> I'm planning on committing it unless someone can provide a reason not
> to, as I've seen it working, needed it, and have not seen any bad
> byproducts.
>
I'd be interested to know how you tested it. NAT-T and IPsec are
non-trivial protocols/subsystems that can have far reaching impacts on
the network stack. Also, are you planning to maintain it after
committing it? The biggest problem with NAT-T hasn't been the code,
it's been that the author, who is doing a great job on the code, has
been too busy to maintain it anywhere but at work. That is not a slam
on the person or the code, I have the highest respect for both, but it
reflects and important reality of the situation. Unless you're
stepping up to maintain it as well as commit it I think it should not
be committed. I know the Bjoern has been working hard to pick up the
IPsec stuff in his free time, and I value his input on this subject
quite a bit.
Best,
George
More information about the freebsd-net
mailing list