[strongSwan] bare minimum required kernel modules/version
andreas.steffen at strongswan.org
Thu Mar 18 20:42:46 CET 2010
Matthias Dahl wrote:
> I took over the maintainership of the strongswan ebuild on Gentoo and I am
> currently in the process of polishing it as time permits.
> I'd like to add kernel config sanity checks to the ebuild, so a potential user
> won't shoot his own feet. Looking around the wiki I found this:
> Is this list the real bare minimum even if one only wants to use IPv4? I
> recall there was some bug that prevented one from configuring w/o IPv6 on some
> 2.6.28 kernel? I for one don't have "IP: policy routing" enabled (didn't know
> it was "required") and strongswan still works just fine.
> That brings me to my next question: What is the suggested kernel version for
> the 4.3.6 release? Currently we allow any 2.6 kernel but I guess that's just a
> bad idea.
Actually most strongSwan features work with any Linux 2.6 kernel as
far back as 2.6.16 but in order to take advantage of the correct
implementation of the SHA-2 HMAC ESP algorithms which Martin contributed
as a kernel patch I recommend to run strongSwan 4.3.6 with the latest
Linux 2.6.33 kernel.
> Thanks for taking the time... and if you have any suggestions or critique for
> the Gentoo ebuild, please let me know, so I can improve things.
> So long,
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users