Re: IPSEC
On 22:59, Robert Millan wrote:
> Steven Chamberlain:
> > But I wonder if it would become awkward if features are provided by
> > flavours. Someday we could end up with e.g. 3x2x2 different flavours,
> > or have to offer the choice of one feature but not both together.
>
> I think offering the choice of one feature but not both together is a
> good thing. Then users have some incentive to figure out what's needed
> to move their feature to GENERIC and lend us a hand ;-)
Yes. Or to build their own custom kernel following the examples; I
will likely do that so I can use IPSEC and XENHVM together here.
> > But IPSEC is unlikely needed in a Xen domU, because IPSEC could be more
> > effectively handled by the dom0, which has to be trusted anyway.
>
> I see... so in this case it doesn't hurt?
Right, it's no problem. If the existing Xen PV flavour doesn't have
IPSEC I don't think anyone will miss it. And if someday there is a
XENHVM flavour I guess hardly anyone would need IPSEC included in it.
So I think that leaves us with only: 486, 686, amd64, malta. Does it
make sense to have an IPSEC flavour for each of those? Maybe it will
fail to build on some, but otherwise I can see it as being useful on
all those platforms.
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Reply to:
- Follow-Ups:
- Re: IPSEC
- From: Robert Millan <rmh@debian.org>
- References:
- IPSEC
- From: Robert Millan <rmh@debian.org>
- Re: IPSEC
- From: Robert Millan <rmh@debian.org>
- Re: IPSEC
- From: Steven Chamberlain <steven@pyro.eu.org>
- Re: IPSEC
- From: Robert Millan <rmh@debian.org>