[Swan] NetKey vs KLIPS
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Thu Sep 11 18:05:38 EEST 2014
On Thu, Sep 11, 2014 at 10:57:07AM -0400, Paul Wouters wrote:
> I think netkey has its own issues there. When your DHCP lease renwews to
> the same IP address as before, you lose your tunnel silently.
Why would anything happen to the interface is the IP isn't changed?
> There should really be a proper hook for tcpdump that would allow seeing
> the complete packet flow, and one where you would only see either
> encrypted or decrypted packets.
True, netkey makes tcpdump a pain in the ass. OK one point for klips
there.
--
Len Sorensen
More information about the Swan
mailing list