Hi! I have a problem with kernel's behavior when receiving ESP/AH packets with unknown SPI values.
As it turns out, when such a packet arrives, kernel simply discards it. The consequence is that in some tests first packet is lost. For example, trying to ping other side the 0th packet will be sent, but all the others will go alright. In other words, there is basically a race between ICMP packet coming to machine, and IKE daemon on that machine that is installing SAs. Am I right? Can anything be done about it? Furthermore, if we assume that the answer to previous question is positive, then kernel upon receiving ESP/AH packet with unknown SPI values could also send ACQUIRE message to all listening KM processes. What is design rationale against such behavior? Thanks in advance, Stjepan Gros - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
