Article 1008 at 08/12/01 18:00:01 From: jiabwang@redhat.com Subject: [users:01008] [ipsec 5.4.7 Interoperability case] why did not freebsd6.3 support icmp6 echo request on tunnel mode ?

Index: [Article Count Order] [Thread]

Date: Mon, 01 Dec 2008 17:00:38 +0800
From: wang_jiabo <jiabwang@redhat.com>
Subject: [users:01008] [ipsec 5.4.7 Interoperability case]   why did not freebsd6.3  support  icmp6 echo request on tunnel mode ?
To: users@tahi.org
Message-Id: <4933A7B6.7010802@redhat.com>
X-Mail-Count: 01008

Hello, all:
the following configuration is my setkey info. when I run " setkey -f 
filename", system report "the result of line 4 :Invalid argument.
the result of line 6 : Invalid argument."
change "icmp6 128,0" to "icmp6 or any" , that is no problem .
or change "tunnel" to "transport" , that is no problem.
I do not know why , but the following configuration is no problem on RHEL5.2
that FreeBSD6.3 need patch ?
could you give me explain

Thank you very much

flush;
spdflush;
add 3ffe:501:ffff:103:20a:ebff:fe85:9e56 
3ffe:501:ffff:104:21d:fff:fe19:59fc esp 0x2000 -m tunnel -E 3des-cbc 
"ipv6readylogo3des1to2req" -A hmac-sha1 妬pv6readysha11to2req�;
spdadd 3ffe:501:ffff:103:20a:ebff:fe85:9e56 
3ffe:501:ffff:104:21d:fff:fe19:59fc icmp6 128,0 -P in ipsec 
esp/tunnel/3ffe:501:ffff:103:20a:ebff:fe85:9e56-3ffe:501:ffff:104:21d:fff:fe19:59fc/require;
add 3ffe:501:ffff:104:21d:fff:fe19:59fc 
3ffe:501:ffff:103:20a:ebff:fe85:9e56 esp 0x1000 -m tunnel -E 3des-cbc 
"ipv6readylogo3des2to1req" -A hmac-sha1 妬pv6readysha12to1req�;
spdadd 3ffe:501:ffff:104:21d:fff:fe19:59fc 
3ffe:501:ffff:103:20a:ebff:fe85:9e56 icmp6 128,0 -P out ipsec 
esp/tunnel/3ffe:501:ffff:104:21d:fff:fe19:59fc-3ffe:501:ffff:103:20a:ebff:fe85:9e56/require;