Re: Getting started with ktls

From: tech-lists <tech-lists_at_zyxst.net>
Date: Sun, 14 Mar 2021 23:07:23 +0000
On Sun, Mar 14, 2021 at 08:55:18PM +0000, Rick Macklem wrote:

>Alan explains how to set it up, below.
>However, I thought I'd note that maybe one person has tested KTLS
>on arm64, so you should consider doing this for test purposes only.
>If you do do some testing, please post with your results,
>success or failure.

will do. The end-point I want is to have the arm64 machine accessible
externally for wireguard-based vpn. 

>Doing it this way means that everything linked to OpenSSL will use
>it. Probably a better testsituation, but expect at least the apache
>server to break. (Most breakage was fixed by a recent patch to the
>serf library, but I think the apache server is still broken.

I have latest serf installed with nginx. The machine, a rpi4/8GB, builds
its ports with poudriere. I have WITH_OPENSSL_KTLS= set in /etc/src.conf
and it's building a new world now.

>If you want to try NFS-over-TLS, see this:
>https://people.freebsd.org/~rmacklem/nfs-over-tls-setup.txt

>Please let us know if you try it, rick

yep, I'll try that too and post results here.

thanks :D
-- 
J.

Received on Sun Mar 14 2021 - 22:07:29 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:27 UTC