Does anyone reading know about how SPIs are handled? I have a patch for BIRD to adapt their existing Linux/FreeBSD support for tcpmd5. It was originally written for Linux which requires a fixed SPI (0x1000) and they do the same on FreeBSD, they don't have a way to store SPI with the peer (and adding it looks fiddly).
OpenBGPd does fetch a new SPI from the kernel but I think it's needed there because it's used to support IPsec as well as tcpmd5. Patched BIRD functions OK in tests using a fixing SPI - add/remove all work - just wondering if I'm setting up for trouble by not using unique ones, or whether it just means it can't have multiple tcpmd5 SAs for the same host (e.g. for different ports, which is unlikely to be of any practical use).
