Difference between revisions of "IPsec"
(fix categories) |
(moar kernel modules) |
||
| Line 1: | Line 1: | ||
For IPsec to work inside a container: | For IPsec to work inside a container: | ||
* Kernel 042stab084.8 or later | * Kernel 042stab084.8 or later | ||
| − | * | + | * The following kernel modules must be loaded before container start: |
| + | : <code>af_key esp4 esp6 xfrm4_mode_tunnel xfrm6_mode_tunnel</code> | ||
* Capability <code>net_admin</code> must be granted to a container | * Capability <code>net_admin</code> must be granted to a container | ||
Revision as of 18:43, 19 November 2013
For IPsec to work inside a container:
- Kernel 042stab084.8 or later
- The following kernel modules must be loaded before container start:
af_key esp4 esp6 xfrm4_mode_tunnel xfrm6_mode_tunnel
- Capability
net_adminmust be granted to a container
Tested with libreswan.
