[Click] Problem with IPsecDES
Dimitris Syrivelis
jsyr at inf.uth.gr
Thu Jun 7 14:31:23 EDT 2007
Hi all,
Eddie, i have improved the commentary of the simple-ipsec.click that it is
located at the Wiki:
http://www.read.cs.ucla.edu/click/examples/simple-ipsec.click
In terms of click configuration it is the same as the ipsec-router.click in
the CVS sources so it can be replaced.
Dimitris
> Hi,
>
> I've gone ahead and removed the ipsec-des{,3}.click files from the
> repository; sounds like they were out of date.
>
> Dimitris, I'd really appreciate it if you were to update the
> ipsec-router.click file's comments. RIght now it claims that it is
> ip-router.click (it isn't), and there aren't a lot of comments
> explaining the tunneling.
>
> Thanks!
> Eddie
>
> Dimitris Syrivelis wrote:
> > Hello,
> >
> > The Documentation on IPsecDES and this particular configuration file
> > (ipsec-des.click) are outdated because the modules have been recently
> > revised. Despite that, if this configuration suits your needs you may use
> > click-1.5.0 release or earlier.
> > In the current release click has a Security Association Database and the
> > keys for encryption and authentication are stored there and are passed to
> > each IPsec module via the click annotation space mechanism.
> > This database (it is a click hashtable) resides in RadixIPsecLookup
> > routing table module.
> > You should check the ipsec-router.click configuration example as well
> > as the click documentation for IPsec which is here:
> > http://www.read.cs.ucla.edu/click/docs/ipsec-doc
> >
> > If you have any questions please post them here because i will use the
> > feedback to improve documentation.
> >
> > If you will be using commodity PCs to create pairs of IPSec security
> > gateways, note that you should decrease the Ethernet MTU size of all the
> > machines that use these gateways to 1400 bytes because IPsec ESP
> > encapsulation increases the packet size.
> >
> > Dimitris
> >
> >> Hello,
> >>
> >> in the context of my diploma thesis I want to use the ipsec package to
> >> send encrypted data over an ethernet network. While trying to play
> >> around with the example configurations in the "conf" directory I get the
> >> following errors in usermode:
> >>
> >> # click conf/ipsec-des.click
> >> conf/ipsec-des.click:11: While configuring 'IPsecDES at 7 :: IPsecDES':
> >> too many arguments; expected 'int'
> >> conf/ipsec-des.click:20: While configuring 'IPsecDES at 16 :: IPsecDES':
> >> too many arguments; expected 'int'
> >> Router could not be initialized!
> >>
> >> Corresponding to the element documentation the syntax "IPsecDES(1,
> >> 0123456789012345)" and "IPsecDES(0, 0123456789abcdef)" is correct. I
> >> couldn't find any other mistake in the ipsec-des.click configuration.
> >>
> >> I'm using the current CVS-version. Click is configured with "./configure
> >> --disable-linuxmodule --enable-ipsec" and runs under gentoo linux with
> >> kernel 2.6.19-gentoo-r5. Does anyone have an idea what I'm doing wrong?
> >>
> >> Best regards,
> >> Marco.
> >>
> >> ----------------------------------------------------------------
> >> This message was sent using IMP, the Internet Messaging Program.
> >> _______________________________________________
> >> click mailing list
> >> click at amsterdam.lcs.mit.edu
> >> https://amsterdam.lcs.mit.edu/mailman/listinfo/click
> >
> > --
> >
> > Dimitris Syrivelis
> > Dept of Computer Engineering & Telecommunications ( www.inf.uth.gr )
> > University of Thessaly
> > Volos
> > Greece
> > Tel +302421074973
> >
> > _______________________________________________
> > click mailing list
> > click at amsterdam.lcs.mit.edu
> > https://amsterdam.lcs.mit.edu/mailman/listinfo/click
--
It is with narrow-souled people as with narrow necked bottles: the less they
have in them, the more noise they make in pouring it out.
--
Dimitris Syrivelis
Dept of Computer Engineering & Telecommunications ( www.inf.uth.gr )
University of Thessaly
Volos
Greece
Tel +302421074973
More information about the click
mailing list