Re: RFC2385 (MD5 signature in TCP packets) support

David S. Miller (davem@redhat.com)
Sun, 17 Mar 2002 20:09:49 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Douglas Gilbert: "Re: Linux 2.5.6-dj1"
Previous message: David S. Miller: "Re: bit ops on unsigned long?"
Next in thread: Mike Fedyk: "Re: RFC2385 (MD5 signature in TCP packets) support"
Reply: Mike Fedyk: "Re: RFC2385 (MD5 signature in TCP packets) support"
Reply: David S. Miller: "Re: RFC2385 (MD5 signature in TCP packets) support"

From: Alan Cox <alan@lxorguk.ukuu.org.uk>
Date: Sat, 16 Mar 2002 01:43:05 +0000 (GMT)

Dave's suggestion is netfilter - and netfilter is fast enough I
think. You only need filters on stuff you have already decided is
for your IP too.

After some thinking, the TAP idea is even nicer as it guarentees zero
overhead, make it such that you only route the BGP stuff over the
device having the TAP attached (make a dummy eth alias just for this
purpose).

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Douglas Gilbert: "Re: Linux 2.5.6-dj1"
Previous message: David S. Miller: "Re: bit ops on unsigned long?"
Next in thread: Mike Fedyk: "Re: RFC2385 (MD5 signature in TCP packets) support"
Reply: Mike Fedyk: "Re: RFC2385 (MD5 signature in TCP packets) support"
Reply: David S. Miller: "Re: RFC2385 (MD5 signature in TCP packets) support"