Re: [ovs-discuss] IPsec authentication headers and L4 matching

2013-02-08 Thread Jesse Gross
On Fri, Feb 8, 2013 at 3:41 PM, Saul St. John wrote:
> On 02/07/2013 07:12 PM, Jesse Gross wrote:
>>
>> On Thu, Feb 7, 2013 at 3:23 PM, Saul St. John wrote:
>>>
>>> 2) Is it possible to similarly ignore (transport-mode) AH in IPv4
>>> packets,
>>>
>>> or does the presence of an AH preclude matchi

Re: [ovs-discuss] IPsec authentication headers and L4 matching

2013-02-08 Thread Saul St. John
On 02/07/2013 07:12 PM, Jesse Gross wrote: On Thu, Feb 7, 2013 at 3:23 PM, Saul St. John wrote: 2) Is it possible to similarly ignore (transport-mode) AH in IPv4 packets, or does the presence of an AH preclude matching against L4 ports? It should be possible although the case for it is less cl

Re: [ovs-discuss] IPsec authentication headers and L4 matching

2013-02-07 Thread Jesse Gross
On Thu, Feb 7, 2013 at 3:23 PM, Saul St. John wrote:
> Hi!
>
> I was reading DESIGN and lib/flow.c to try and better understand the
> behavior of Open vSwitch vis-a-vis IPsec authentication headers. It looks
> like IPsec Authentication Headers are basically ignored on IPv6 packets when
> populatin

[ovs-discuss] IPsec authentication headers and L4 matching

2013-02-07 Thread Saul St. John
Hi! I was reading DESIGN and lib/flow.c to try and better understand the behavior of Open vSwitch vis-a-vis IPsec authentication headers. It looks like IPsec Authentication Headers are basically ignored on IPv6 packets when populating the 'flow' struct. As such, it would be possible to match