1,734
edits
Changes
no edit summary
For IPsec to work inside a container:
* Kernel 042stab084.8 or later
* Kernel module The following kernel modules must be loaded before container start:: <code>af_keyesp4 esp6 xfrm4_mode_tunnel xfrm6_mode_tunnel</code> must be loaded before starting containers
* Capability <code>net_admin</code> must be granted to a container
Tested with libreswan.
Limitations:* online migration on a Container with IPsec inside - does not work [[CategoriesCategory: HOWTO]][[Category: Networking]][[Category: TRD]]
