OpenSolaris

Printable Version Enter a New Search
Bug ID 6558864
Synopsis remove nattymod
State 10-Fix Delivered (Fix available in build)
Category:Subcategory network:ipsec
Keywords punchin
Responsible Engineer Dan Mcdonald
Reported Against
Duplicate Of
Introduced In solaris_10
Commit to Fix snv_73
Fixed In snv_73
Release Fixed solaris_nevada(snv_73) , solaris_10u7(s10u7_02) (Bug ID:2168169)
Related Bugs 6281836 , 6481450 , 6558870 , 6582318 , 6584011 , 6588015 , 6595368 , 6595877
Submit Date 17-May-2007
Last Update Date 15-September-2007
Description 
Since Yosemite (PSARC 2005/082) went back, we've had the opportunity to discard nattymod
and perform ESP-in-UDP, as well as IKE or other IPsec KM schemes over a NAT without
the use of an extra STREAMS module.

Yosemite's integration of UDP into IP's perimeter means UDP (and NAT-Traversal) can
access IP structures directly.  It also destroys nesting places for qtimeout() races
like 6481450.
Work Around 
N/A
Comments 
N/A