* Sebastian Andrzej Siewior <sebast...@breakpoint.cc> [2011-08-08
22:46:38+0200]:
>
> * Thus spake Alexander Clouter (a...@digriz.org.uk):
>
> > I have just been tasked with putting together an active-active IPsec VPN
> > concentrator (with a need to use AES-SHA1 it seems) and I was hoping to
> > use the OpenRD's (and mv_cesa). Have you got a patch I can test that
> > fixes things for SHA1?
>
> The patch below should work around the problem by not using it.
>
I'll have you know I passed with honours from the "Computing School of
Commenting Out" and as such do not require such assistance as this ;)
> You could try the kernel from backports. If I remember correctly than
> it seems that the later kernel passes one big chunk instead of three
> requests (init, update, fin). If that works out for then the only
> problem are fragmanted packets.
>
Do not tinkering with the 'mode' bit at 0xdd18 help[1][2] (as suggested
by Arnaud)? I'm happy to be the guinea pig here.
I'll install the backports one anyway for testing and let you know.
Cheers
[1] page 458 of
http://www.embeddedarm.com/documentation/third-party/MV88F5182-usermanual.pdf
[2] you might also be interested in
http://www.digriz.org.uk/ts78xx?action=AttachFile&do=get&target=88F5182_Functional_Errata.pdf
--
Alexander Clouter
.sigmonster says: Knocked, you weren't in.
-- Opportunity
--
To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110809210515.GX31044@chipmunk
