Unix/Linux Go Back    


NetBSD 6.1.5 - man page for fast_ipsec (netbsd section 4)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)


FAST_IPSEC(4)			   BSD Kernel Interfaces Manual 		    FAST_IPSEC(4)

NAME
     fast_ipsec -- Fast IPsec hardware-accelerated IP Security Protocols

SYNOPSIS
     options IPSEC
     options IPSEC_DEBUG
     options IPSEC_NAT_T

DESCRIPTION
     IPsec is a set of protocols, ESP (for Encapsulating Security Payload) AH (for Authentication
     Header), and IPComp (for IP Payload Compression Protocol) that provide security services for
     IP datagrams.  Fast IPsec is an implementation of these protocols that uses the
     opencrypto(9) subsystem to carry out cryptographic operations.  This means, in particular,
     that cryptographic hardware devices are employed whenever possible to optimize the perfor-
     mance of these protocols.

     In general, the Fast IPsec implementation is intended to be compatible with the KAME IPsec
     implementation.  The user should refer to ipsec(4) for basic information on setting up and
     using these protocols.

     System configuration requires the opencrypto(9) subsystem.  When the Fast IPsec protocols
     are configured for use, all protocols are included in the system.	To selectively
     enable/disable protocols, use sysctl(8).

DIAGNOSTICS
     To be added.

SEE ALSO
     kame_ipsec(4), setkey(8), sysctl(8), opencrypto(9)

HISTORY
     The protocols draw heavily on the OpenBSD implementation of the IPsec protocols.  The policy
     management code is derived from the KAME implementation found in their IPsec protocols.  The
     Fast IPsec protocols are based on code which appeared in FreeBSD 4.7.  The NetBSD version is
     a close copy of the FreeBSD original, and first appeared in NetBSD 2.0.

     Support for IPv6 and IPcomp protocols has been added in NetBSD 4.0.

     Support for IPSEC_NAT_T (Network Address Translator Traversal as described in RFCs 3947 and
     3948) has been added in NetBSD 5.0.

BUGS
     Certain legacy authentication algorithms are not supported because of issues with the
     opencrypto(9) subsystem.

     This documentation is incomplete.

BSD					 January 23, 2012				      BSD
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums


All times are GMT -4. The time now is 07:32 PM.