Question about tunnels, IPsec and redirect

bill4carson bill4carson at
Thu Sep 26 03:02:52 EDT 2013

Hi Kevin

On 2013年09月25日 02:52, Kevin Wilson wrote:
> Hi,
> I am looking at this patch:
> and I cannot understand it. Can somebody please try
> to explain ?
> more specifically:
> Can somebody please give an example of some setup of IPsec tunnel
> where the ip_rt_send_redirect() method should not be called when the
> skb->sp is not NULL ?

+	if (rt->rt_flags&RTCF_DOREDIRECT && !opt->srr && !skb->sp)
If IPsec policy is not enabled for a specific flow that this skb matches, skb->sp is NULL.

> (in other words, why if the SKB is and IPsec SKB, we should not send a
> redirect in such a case while forwarding a packet; note I am talking
> about  IPv4)
> Note that the check for skb->sp was changed in recent kernels to
> skb_sec_path(skb), but it is essentially the same.
> Regards,
> Kevin
> _______________________________________________
> Kernelnewbies mailing list
> Kernelnewbies at



More information about the Kernelnewbies mailing list