Dan McDonald writes: > It doesn't. The socket, if so marked, merely allows the shuffling-off of > ESP-in-UDP for datagrams that hit that socket. > > It's up to Key Management (e.g. IKE) to pin these sockets up. And usually > the KM traffic uses the 0-SPI value with its peer.
Ah, that's the bit I needed to understand, thanks. I was expecting a closer tie here. -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
