Enhancements for racoon

Ari Suutari ari.suutari at syncrontech.com
Tue Jun 17 22:27:07 PDT 2003


I have developed two enhancements for racoon.

First one is simple support for 'keepalive' statement
in racoon configuration file, which causes racoon
to keep link up with remote end even when there is
no traffic. It also does this when racoon is started,
which is very nice since it also causes initial-contact
notification to be sent to other end so possible old
SAs are removed and connection comes up immediately
(otherwise it comes up when the side which restarted
sends something or SAs expire which can take longer time).

Second one gives more support on environments which
have multiple IP addresses on same interface. It allows
selecting which local IP address to use when isakmp
packets are sent.

These things are currently under my testing, but I'm
going to make them available publicly. Which would
be the best approach for this - should I put
the patches into freebsd racoon port or maybe pass
them directly to kame project ?

	Ari S.
	Lapppeenranta, Finland

More information about the freebsd-net mailing list