On Mon, 9 Jun 2003 12:06:35 +0300 (EEST)
Henrik Petander <lpetande@xxxxxxxxxxxxxxxxxxx> wrote:
> On Fri, 6 Jun 2003, Masahide NAKAMURA wrote:
> > We don't think we have to change the logic handling policy with
> > the reason because we can treat MIPv6 policy just like IPsec.
> > When we want to apply both MIPv6 and IPsec to the same target,
> > we need one policy that has two or more of templates(e.g. one is
> > MIPv6's template and the other is IPsec's).
> Does this also mean that the IPSec and MIPv6 policies and SAs need to be
> configured at the same time or is it possible to add templates to an
> existing policy?
Currently no interface to add templates directly to it.
> A different issue related to the different addresses is that the SPD
> lookup should be done with the original source address, i.e. home address,
> if home address option is used and with the final destination address, if
> routing header is used. SPD lookup works now for TCP (with RT header), but
> not for raw sockets, which the mipv6 daemon will use. We will provide a
> patch for fixing the SPD lookups with raw sockets, which add routing
> header and home address option from socket options.
Ok, I want to see your patch when it is provided because now I'm not so clear
about using socket option in the above case.