[Click] Problem with IPsecDES

Eddie Kohler kohler at cs.ucla.edu
Tue Jun 5 17:46:55 EDT 2007 

Hi,

I've gone ahead and removed the ipsec-des{,3}.click files from the 
repository; sounds like they were out of date.

Dimitris, I'd really appreciate it if you were to update the 
ipsec-router.click file's comments.  RIght now it claims that it is 
ip-router.click (it isn't), and there aren't a lot of comments 
explaining the tunneling.

Thanks!
Eddie


Dimitris Syrivelis wrote:
> Hello,
> 
>   The Documentation on IPsecDES and this particular configuration file 
> (ipsec-des.click) are outdated because the modules have been recently 
> revised. Despite that, if this configuration suits your needs you may use 
> click-1.5.0 release or earlier. 
>  In the current release click has a Security Association Database and the keys 
> for encryption and authentication are stored there and are passed to each 
> IPsec module via the click annotation space mechanism. 
>  This database (it is a click hashtable) resides in RadixIPsecLookup routing 
> table module.
>   You should check the ipsec-router.click configuration example as well as the 
> click documentation for IPsec which is here:
>     http://www.read.cs.ucla.edu/click/docs/ipsec-doc
>  
>  If you have any questions please post them here because i will use the 
> feedback to improve documentation.
> 
>  If you will be using commodity PCs to create pairs of IPSec security 
> gateways, note that you should decrease the Ethernet MTU size of all the 
> machines that use these gateways to 1400 bytes  because IPsec ESP 
> encapsulation increases the packet size. 
> 
> Dimitris
> 
>> Hello,
>>
>> in the context of my diploma thesis I want to use the ipsec package to send
>> encrypted data over an ethernet network. While trying to play around with
>> the example configurations in the "conf" directory I get the following
>> errors in usermode:
>>
>> # click conf/ipsec-des.click
>> conf/ipsec-des.click:11: While configuring 'IPsecDES at 7 :: IPsecDES':
>>   too many arguments; expected 'int'
>> conf/ipsec-des.click:20: While configuring 'IPsecDES at 16 :: IPsecDES':
>>   too many arguments; expected 'int'
>> Router could not be initialized!
>>
>> Corresponding to the element documentation the syntax "IPsecDES(1,
>> 0123456789012345)" and "IPsecDES(0, 0123456789abcdef)" is correct. I
>> couldn't find any other mistake in the ipsec-des.click configuration.
>>
>> I'm using the current CVS-version. Click is configured with "./configure
>> --disable-linuxmodule --enable-ipsec" and runs under gentoo linux with
>> kernel 2.6.19-gentoo-r5. Does anyone have an idea what I'm doing wrong?
>>
>> Best regards,
>> Marco.
>>
>> ----------------------------------------------------------------
>> This message was sent using IMP, the Internet Messaging Program.
>> _______________________________________________
>> click mailing list
>> click at amsterdam.lcs.mit.edu
>> https://amsterdam.lcs.mit.edu/mailman/listinfo/click
> 
> 
> 
> 
> --
> 
> Dimitris Syrivelis
> Dept of Computer Engineering & Telecommunications ( www.inf.uth.gr )
> University of Thessaly 
> Volos
> Greece
> Tel +302421074973
> 
> _______________________________________________
> click mailing list
> click at amsterdam.lcs.mit.edu
> https://amsterdam.lcs.mit.edu/mailman/listinfo/click

More information about the click mailing list