[Click] Problem with IPsecDES

Dimitris Syrivelis jsyr at inf.uth.gr
Wed May 30 05:13:05 EDT 2007 

Hello,

  The Documentation on IPsecDES and this particular configuration file 
(ipsec-des.click) are outdated because the modules have been recently 
revised. Despite that, if this configuration suits your needs you may use 
click-1.5.0 release or earlier. 
 In the current release click has a Security Association Database and the keys 
for encryption and authentication are stored there and are passed to each 
IPsec module via the click annotation space mechanism. 
 This database (it is a click hashtable) resides in RadixIPsecLookup routing 
table module.
  You should check the ipsec-router.click configuration example as well as the 
click documentation for IPsec which is here:
    http://www.read.cs.ucla.edu/click/docs/ipsec-doc
 
 If you have any questions please post them here because i will use the 
feedback to improve documentation.

 If you will be using commodity PCs to create pairs of IPSec security 
gateways, note that you should decrease the Ethernet MTU size of all the 
machines that use these gateways to 1400 bytes  because IPsec ESP 
encapsulation increases the packet size. 

Dimitris

> Hello,
>
> in the context of my diploma thesis I want to use the ipsec package to send
> encrypted data over an ethernet network. While trying to play around with
> the example configurations in the "conf" directory I get the following
> errors in usermode:
>
> # click conf/ipsec-des.click
> conf/ipsec-des.click:11: While configuring 'IPsecDES at 7 :: IPsecDES':
>   too many arguments; expected 'int'
> conf/ipsec-des.click:20: While configuring 'IPsecDES at 16 :: IPsecDES':
>   too many arguments; expected 'int'
> Router could not be initialized!
>
> Corresponding to the element documentation the syntax "IPsecDES(1,
> 0123456789012345)" and "IPsecDES(0, 0123456789abcdef)" is correct. I
> couldn't find any other mistake in the ipsec-des.click configuration.
>
> I'm using the current CVS-version. Click is configured with "./configure
> --disable-linuxmodule --enable-ipsec" and runs under gentoo linux with
> kernel 2.6.19-gentoo-r5. Does anyone have an idea what I'm doing wrong?
>
> Best regards,
> Marco.
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
> _______________________________________________
> click mailing list
> click at amsterdam.lcs.mit.edu
> https://amsterdam.lcs.mit.edu/mailman/listinfo/click




--

Dimitris Syrivelis
Dept of Computer Engineering & Telecommunications ( www.inf.uth.gr )
University of Thessaly 
Volos
Greece
Tel +302421074973

More information about the click mailing list