From owner-IPv6-jp@jp.freebsd.org  Tue May 11 18:38:31 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id SAA86677;
	Tue, 11 May 1999 18:38:31 +0900 (JST)
	(envelope-from owner-IPv6-jp@jp.FreeBSD.org)
Received: from cynthia.system-cobo.co.jp (cynthia.system-cobo.co.jp [210.227.91.129])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id SAA86672
	for <ipv6-jp@jp.freebsd.org>; Tue, 11 May 1999 18:38:31 +0900 (JST)
	(envelope-from yuuitiro@cynthia.system-cobo.co.jp)
Received: from littlegirl.system-cobo.co.jp (littlegirl.system-cobo.co.jp [210.227.91.130])
	by cynthia.system-cobo.co.jp (8.9.3+3.1W/3.7W/COBO-mx-2.0/99030817) with ESMTP id SAA13118
	for <ipv6-jp@jp.freebsd.org>; Tue, 11 May 1999 18:38:29 +0900 (JST)
Received: from ayako.system-cobo.co.jp (ayako.in.system-cobo.co.jp [192.168.1.21]) 
	by littlegirl.system-cobo.co.jp (8.8.8/littlegirl-mx-1.0) with ESMTP id SAA03630 
	for <ipv6-jp@jp.freebsd.org>; Tue, 11 May 1999 18:38:29 +0900 (JST)
Received: from ayako.system-cobo.co.jp (localhost [127.0.0.1])
	by ayako.system-cobo.co.jp (8.9.2.Beta4/3.7Wayako-98082801) with ESMTP id SAA23046
	for <IPv6-jp@jp.freebsd.org>; Tue, 11 May 1999 18:38:27 +0900 (JST)
Message-Id: <199905110938.SAA23046@ayako.system-cobo.co.jp>
To: IPv6-jp@jp.freebsd.org
X-Mailer: Mew version 1.70 on Emacs 20.3.2 / Mule 4.0
From: Yuuitiro Matsumoto <yuuitiro@vcnet.toyama.toyama.jp>
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Tue, 11 May 1999 18:38:26 +0900
Reply-To: IPv6-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990430
X-Sequence: IPv6-jp 224
Subject: [IPv6-jp 224] IPv6 / IPsec
Errors-To: owner-IPv6-jp@jp.freebsd.org
Sender: owner-IPv6-jp@jp.freebsd.org
X-Originator: yuuitiro@cynthia.system-cobo.co.jp

$B$^$D$b$H!w%7%9%F%`%3%\$G$9!#$9$_$^$;$s<ALd$G$9!#(B

  FreeBSD 2.2.8-RELEASE + kame-19990503-snap $B$r(B install $B$7$?%[%9%H4V$G(B
IPv6 $B$G(B IPsec $B$7$h$&$H;n$_$F$$$^$9$,!"(BIPv6 + IPsec $B$GDL?.$,$G$-$:$K$$(B
$B$^$9!#(B

  $B$*8_$$$N%[%9%H4V$G!"(B

    IPv4 $B$GDL?.$O$G$-$k(B
    IPv4 + IPsec $B$GDL?.$O$G$-$k(B 
    IPv6 $B$GDL?.$O$G$-$k(B
    IPv6 + IPsec $B$GDL?.$,$G$-$J$$(B

  $B$H$$$C$?>u67$G$9!#(BIPv4 + IPsec $B$N;~$O!"(Btcpdump $B$N7k2L$K(B
  
  HostA > HostB: ESP(spi=1000,seq=0x12)
  HostB > HostA: ESP(spi=1100,seq=0x12)

  $B$H=PNO$5$l$k$N$G!"(BIPsec $B$G=hM}$5$l$F$$$k$N$@$HH=CG$7$F$$$^$9!#(B
  
  setkey $B$G$N(B SPI, SPD $B$N@_Dj$@$H;W$&$N$G$9$,!"2<5-$N@_Dj$r9T$C$F$b!"(B
IPv6 $B$G$O(B IPsec $B$G=hM}$5$l$J$$$^$^$K$J$C$F$7$^$$$^$9!#(B

#  $B2<5-$N@_Dj$O!"(BIPv4 $B$G(B IPsec $B$G$-$?;~$N$b$N$r$=$N$^$^(B IPv6 $B$N%"%I%l(B
#  $B%9$KCV$-49$($F$_$?$N$G$9$,(B...

1. HostA ($B<B:]$K$O(B IPv6 $B$N(B Address)
--
add HostA HostB
         any 1010 -p esp -E des-cbc "hogehoge" ;

add HostB HostA
         any 1110 -p esp -E des-cbc "HOGEHOGE" ;

spdadd  HostA HostB
        any -P ipsec esp/require ;
--

2. HostB ($B<B:]$K$O(B IPv6 $B$N(B Address)
--
add HostA HostB
        any 1010 -p esp -E des-cbc "hogehoge" ;

add HostB HostA
        any 1110 -p esp -E des-cbc "HOGEHOGE" ;

spdadd  HostA HostB
        any -P ipsec esp/require ;
--

-- 
System COBO Co, Ltd. / Yuuitiro Matsumoto
yuuitiro@vcnet.toyama.toyama.jp
