[strongSwan-dev] Phase 2 rekeying using different physical channel
Martin Willi
martin at strongswan.org
Fri Jul 13 10:27:06 CEST 2012
Hi,
> I would like to do rekeying of phase 2 using a different physical
> channel than the one i use for data.
What do you mean by a different physical channel? What about Phase 1?
> If the plugin interface has direct access to PF_KEY i guess it would be
> possible, am i right?
We have an abstraction layer for SAD/SPD management, called
kernel_interface_ipsec. We have different plugins providing an
implementation, including one for Netlink and one for PF_KEY. But I
don't understand how PF_KEY is related to your separated Phase 2
rekeying...
Regards
Martin
More information about the Dev
mailing list