Re: a couple of comments on xfrm

From: Brian Buesker
Date: Wed Mar 31 2004 - 17:00:11 EST

David S. Miller wrote:

On Wed, 31 Mar 2004 08:48:26 -0800
Brian Buesker <bbuesker@xxxxxxxxxxxx> wrote:

1. Use the sadb_x_policy_reserved2 field of struct sadb_x_policy to indicate the priority.

I think this is fine, as long as we can be reasonably sure the
existing apps zero this thing out which I believe they do.

Yes, racoon and setkey zero this field.

What does KAME do to support SPD priorities via PF_KEY,
does anyone know?

Looking at the code real quick, it doesn't appear that they actually support priorities. It looks like each policy always gets inserted at the end of the list. I could be wrong though as I don't know the code very well.
