Richard Weinberger <richard.weinberger <at> gmail.com> writes: > So every logical tunnel will allocate a new net device? > Doesn't this scale badly? I have ipsec alike setups > with many, many road warriors in mind. > No. >> When a locally generated packet hits the device, it looks at the dst IP, >> looks up this dst IP in the aforementioned association table, and then >> encrypts it using the proper public key's session. Thus: one device, many peers. -- Matthias Urlichs -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
