[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec
Subject: [IPsec] Query on PF_KEY vs. Netlink interface
From: Chintu Aggarwal <chintuofkpt () gmail ! com>
Date: 2014-06-06 11:18:00
Message-ID: CAFbuYbm3=4J5qihmy+eyTpiiStERwrHD1Mjf2JEE8S-cUS1OuA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi
There was this query as below posted sometime back, but I couldn't find the
response to it. Can someone please provide the details?
Thanks,
Chintu
-----------------------------------------------------------------------------------------------------------------------
In net/key/af_key.c, there are something about PF_KEY as follows:
static struct xfrm_mgr pfkeyv2_mgr =
{
.id = "pfkeyv2",
.notify = pfkey_send_notify,
.acquire = pfkey_send_acquire,
.compile_policy = pfkey_compile_policy,
.new_mapping = pfkey_send_new_mapping,
};
In net/xfrm/xfrm_user.c, there are also something about Netlink as follows:
static struct xfrm_mgr netlink_mgr = {
.id = "netlink",
.notify = xfrm_send_state_notify,
.acquire = xfrm_send_acquire,
.compile_policy = xfrm_compile_policy,
.notify_policy = xfrm_send_policy_notify,
};
When kernel send a message to racoon for setting up a SA, both
pfkey_send_acquire() and xfrm_send_acquire() seem to be getting invoked.
My query is what is the relationship between PF_KEY and Netlink in Linux
kernel, when we use IPsec?
[Attachment #5 (text/html)]
<div dir="ltr">Hi<div><br></div><div>There was this query as below posted sometime \
back, but I couldn't find the response to it. Can someone please provide the \
details?</div><div><br></div><div>Thanks,</div><div>Chintu</div> \
<div><br></div><div>------------------------------------------------------------------ \
-----------------------------------------------------</div><div><br></div><div><div \
style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium"> In \
net/key/af_key.c, there are something about PF_KEY as follows:</div><div \
style="color:rgb(0,0,0);font-family:'Times New \
Roman';font-size:medium">static struct xfrm_mgr pfkeyv2_mgr =<br>{<br> \
.id = "pfkeyv2",<br>
.notify = pfkey_send_notify,<br> \
.acquire = pfkey_send_acquire, <br> .compile_policy = \
pfkey_compile_policy,<br> .new_mapping = \
pfkey_send_new_mapping,<br>};</div><div \
style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium"> \
<br></div><div style="color:rgb(0,0,0);font-family:'Times New \
Roman';font-size:medium"> </div><div \
style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium">In \
net/xfrm/xfrm_user.c, there are also something about Netlink as follows:</div> <div \
style="color:rgb(0,0,0);font-family:'Times New \
Roman';font-size:medium">static struct xfrm_mgr netlink_mgr = {<br> \
.id = "netlink",<br> .notify \
= xfrm_send_state_notify,<br>
.acquire = xfrm_send_acquire,<br> \
.compile_policy = xfrm_compile_policy,<br> .notify_policy = \
xfrm_send_policy_notify,<br>};</div><div \
style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium"> \
<br></div><div style="color:rgb(0,0,0);font-family:'Times New \
Roman';font-size:medium">When kernel send a message to racoon for setting up a \
SA, both pfkey_send_acquire() and xfrm_send_acquire() seem to be getting \
invoked.</div> <div style="color:rgb(0,0,0);font-family:'Times New \
Roman';font-size:medium"><br>My query is what is the relationship between PF_KEY \
and Netlink in Linux kernel, when we use IPsec?</div></div></div>
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic