Difference between revisions of "IPsec"
(moar kernel modules) |
|||
| Line 6: | Line 6: | ||
Tested with libreswan. | Tested with libreswan. | ||
| + | |||
| + | Limitations: | ||
| + | * online migration on a Container with IPsec inside - does not work | ||
[[Category: HOWTO]] | [[Category: HOWTO]] | ||
[[Category: Networking]] | [[Category: Networking]] | ||
Revision as of 13:26, 25 December 2014
For IPsec to work inside a container:
- Kernel 042stab084.8 or later
- The following kernel modules must be loaded before container start:
af_key esp4 esp6 xfrm4_mode_tunnel xfrm6_mode_tunnel
- Capability
net_adminmust be granted to a container
Tested with libreswan.
Limitations:
- online migration on a Container with IPsec inside - does not work
