[nycbug-talk] Google and IPv6 Adoption

Miles Nordin carton at Ivy.NET
Mon Apr 21 17:29:38 EDT 2008

>>>>> "ta" == Tim A <techneck at goldenpath.org> writes:

    ta> supposedly built in IPSEC?

no, that's a god damned lie fed to us by Eurocrats.  the conference
neckties made a bunch of hype about integrating it in the spec, and
they used this implementation to squeeze other kinds of crypto out of
iSCSI and OSPFv3 and probably other stuff.  but existing ipsec
implementations are much jmore likely to work, and have hardware
acceleration, on v4.  AIUI FreeBSD and NetBSD only just got v6 support
in the FAST_IPSEC codepath.  i'm not sure how well racoon is operating
on v6 or with what other stacks it interoperates, but it's certain to
be much less tested and thus interoperate less well than v4, and all
the outside-spec extras that we depend on for actually useable IPsec
for road warriors (I'm thinking mostly of phase 1.5 MODE CONFIG) are
missing for v6.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20080421/8cfe39e1/attachment.bin>

More information about the talk mailing list