Hi,
In kernel_netlink_ipsec.c add_policy methed, the code checks if mode !=
MODE_TRANSPORT to insert to route.
Yes. Why do you need an additional route in transport mode? There are
usually no new addresses or routes involved, transport mode just
protects the traffic between two hosts that
Hi Diego,
I forgot to clarify that route is inserted if compress=no. In
kernel_netlink_ipsec.c add_policy methed, the code checks if mode !=
MODE_TRANSPORT to insert to route.
Yes, if IPComp is enabled the actual IPsec SA uses transport mode in the kernel
as the inner IPComp SA
