BTW, why not use xfrm instead? Then you dont have to worry about racoon.
What do you mean by this?
- Do you suggest that there is another IKE implemetation for Linux 2.6 IPSec
stack which uses netlink socket (XFRM) for kernel communication? If so,
would you please point me to it?
Or
- Do
You should be able to fix it in the kernel by listening to events of
the interface/device disappearing.
Interesting, I've thought that it would have to be done explicitly by the
interface
cleanup code, this approach looks promising to me.
By disappearing i think you meant
the netdevice