Hi, > I would like to do rekeying of phase 2 using a different physical > channel than the one i use for data.
What do you mean by a different physical channel? What about Phase 1? > If the plugin interface has direct access to PF_KEY i guess it would be > possible, am i right? We have an abstraction layer for SAD/SPD management, called kernel_interface_ipsec. We have different plugins providing an implementation, including one for Netlink and one for PF_KEY. But I don't understand how PF_KEY is related to your separated Phase 2 rekeying... Regards Martin _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
