Hi all, I have recently run into the issue where connect() returns -EAGAIN if the remote host is on the other end of an IPsec tunnel for which no SAD exists yet.
I have read a few threads on the topic, and it seems that the idea is to implement a scheme similar to ARP for queueing outgoing packets until the SAD has been negotiated by the IKE process. I have a couple of questions: are there any patches out which solve this problem? Also, what is the purpose of the code in the xfrm_lookup function (in net/xfrm_policy.c) when `flags' is true? I have applied a patch similar to http://sourceforge.net/mailarchive/message.php?msg_id=8621194 which gives desirable behaviour (ie. telnet appears to pause while the racoon negotiation is performed, after which it connects just fine, no EAGAIN). Please CC me to any responses, I am not subscribed to the list. Thanks for your time, James -- James Ring - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
