Re: Ipsec - PF_KEY and set_policy

["aditya kiran" <adityaa_(_dot_)_kiran_(_at_)_gmail_(_dot_)_com>]

HI Blue,
Thanks a lot for this info.. It helped me in understanding the difference..
Thanks,
Adityaa


On 7/26/07, blue <susan_(_dot_)_lan_(_at_)_zyxel_(_dot_)_com_(_dot_)_tw> wrote:
>
> As far as I know, setkey is used for IPsec SP and SA configuration.
> ipsec_set_policy() could transfer a string to "policy request", which is
> defined in RFC 2367 PF_KEY. Internally, setkey() will call
> ipsec_set_policy() to construct the message then send it down to the
> kernel. However, ipsec_set_policy() is used only for SP, not SA.
>
> blue
>
> aditya kiran wrote:
>
> > Hi,
> > I was just trying to understand PF_KEY interface for ipsec settings. So,
> > setkey uses it to do that. but i could find another  system call -
> > ipsec_set_policy. Could any body let me know why there are two
> > interfaces to
> > configure ipsec?
> > Thanks,
> > Aditya
> > _______________________________________________
> > freebsd-net_(_at_)_freebsd_(_dot_)_org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-net
> > To unsubscribe, send any mail to "freebsd-net-unsubscribe_(_at_)_freebsd_(_dot_)_org"
> >
>
>
_______________________________________________
freebsd-net_(_at_)_freebsd_(_dot_)_org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe_(_at_)_freebsd_(_dot_)_org"