Monday, December 25, 2023

Re: sec interface and rdomain

which bit doesnt work? the "tunneldomain" command or actual packets moving?

sec transport is provided entirely by the ipsec stack, ie, you configure the ipsec SAs associated with the interface to operate in a specific rdomain, sec doesn't support configuration that with tunneldomain.

if you tcpdump on the enc and sec interfaces, do you see the packets you're expecting?


> On 24 Dec 2023, at 19:21, Holger Glaess <> wrote:
> hi
> i try to use the new sec0 if in this manner.
> ---
> cat /etc/hostname.sec0
> rdomain 10
> inet
> tunneldomain 0
> up
> ---
> but it will not work .
> can sec work with rdomain ?
> happy christmas to all.
> Holger

No comments:

Post a Comment