Jean-Mickael Guerin <[EMAIL PROTECTED]> wrote:
> In ip6ip6_tnl_xmit(), we do not xfrm_lookup() when the dst has been
> stored in cache.
> If cache is filled before a security policy such ipsec transport mode on
> end points
> is added, and no routing changes happen, how to invalidate the cache to
Sorry the patch looks corrupted so I repost with attachment.
Jean-Mickael
--
[IPV6] ip6ip6_tnl_dst_check() : invalidate dst cache whenever xfrm
policies change
Signed-off-by: [EMAIL PROTECTED]
diff --git a/include/net/ip6_tunnel.h b/include/net/ip6_tunnel.h
index 29c9da7..5bc6e98 100644
---
In ip6ip6_tnl_xmit(), we do not xfrm_lookup() when the dst has been
stored in cache.
If cache is filled before a security policy such ipsec transport mode on
end points
is added, and no routing changes happen, how to invalidate the cache to
trigger a
new xfrm_lookup()?
I would check flow_cache
