Naruto Nguyen <narutonguyen2...@gmail.com> wrote: > Could you please elaborate more on how generic tracker tracks ESP connection?
All protocols that do not have a more specific l4 tracker are tracked based on l3 protocol + l4 proto number. IOW, any ESP packet sent between the same endpoint addresses is seen as matching a single esp flow. We could easily add the ESP SPI as additional distinction marker if needed.
