[strongSwan] pluto uses which kernel interface
anandrao_me at yahoo.co.in
Tue Nov 16 06:58:30 CET 2010
Thanks for the quick the reply.
In my strongSwan 4.3.6 configuration I have not selected kernle-netlink plugin
and selected kernel-pfkey plugin.
In this case pluto doesn't work, this is expected because it doesn't use pfkey
interface, but I observed that
when both charon and pluto are run together then pluto is able to establish the
SA's successfully, does it mean that
when pluto is run along with charon it takes the charon's kernel-interface to
----- Original Message ----
From: Andreas Steffen <andreas.steffen at strongswan.org>
To: anand rao <anandrao_me at yahoo.co.in>
Cc: users at lists.strongswan.org
Sent: Tue, November 9, 2010 3:55:50 PM
Subject: Re: [strongSwan] pluto uses which kernel interface
pluto in strongSwan 4.3.6 uses the XFRM Netlink interface to communicate
with the native IPsec stack of the Linux 2.6 kernel.
With strongSwan 4.5.0 pluto loads charon's kernel-netlink plugin
and uses the XFRM Netlink interface per default. Alternatively you can
enable the kernel-pfkey plugin
./configure --disable kernel-netlink --enable-kernel-pfkey
which uses the PFKEYv2 interface to communicate with the kernel.
I haven't tested this with pluto but there are PFKEYv2 test scenarios
for the charon daemon:
On 11/09/2010 10:50 AM, anand rao wrote:
> From the mailing list I found out that PLUTO doesn't have support for
> kernel interface.
> Can you please let me know which interface does PLUTO uses to communicate with
> XFRM (kernel).
> I am using strongswan 4.3.6 version.
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users