Hi
There was this query as below posted sometime back, but I couldn't find the
response to it. Can someone please provide the details?
Thanks,
Chintu
-----------------------------------------------------------------------------------------------------------------------
In net/key/af_key.c, there are something about PF_KEY as follows:
static struct xfrm_mgr pfkeyv2_mgr =
{
.id = "pfkeyv2",
.notify = pfkey_send_notify,
.acquire = pfkey_send_acquire,
.compile_policy = pfkey_compile_policy,
.new_mapping = pfkey_send_new_mapping,
};
In net/xfrm/xfrm_user.c, there are also something about Netlink as follows:
static struct xfrm_mgr netlink_mgr = {
.id = "netlink",
.notify = xfrm_send_state_notify,
.acquire = xfrm_send_acquire,
.compile_policy = xfrm_compile_policy,
.notify_policy = xfrm_send_policy_notify,
};
When kernel send a message to racoon for setting up a SA, both
pfkey_send_acquire() and xfrm_send_acquire() seem to be getting invoked.
My query is what is the relationship between PF_KEY and Netlink in Linux
kernel, when we use IPsec?
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
