ipsec_tncfg man page

ipsec_tncfg ā€” lists IPSEC virtual interfaces attached to real interfaces


ipsec tncfg


Note that tncfg is only supported on the KLIPS stack which uses ipsecX interfaces bound to physical interfaces


/proc/net/ipsec_tncfg is a read-only file that lists which IPSEC virtual interfaces are attached to which real interfaces, through which packets will be forwarded once processed by IPSEC.

Each line lists one ipsec I/F. A table entry consists of:


ipsec2 -> eth3 mtu=16260(1443) -> 1500

shows that virtual device ipsec2 with an MTU of 16260 is connected to physical device eth3 with an MTU of 1500 and that the effective MTU as a result of PMTU discovery has been automatically set to 1443.

ipsec0 -> wvlan0 mtu=1400(16260) -> 1500

shows that virtual device ipsec0 with an MTU of 1400 is connected to physical device wvlan0 with an MTU of 1500 and no PMTU packets have gotten far enough to bump down the effective MTU from its default of 16260.

ipsec3 -> NULL mtu=0(0) -> 0

shows that virtual device ipsec3 is not connected to any physical device.


/proc/net/ipsec_tncfg, /usr/local/bin/ipsec

See Also

ipsec(8), ipsec_eroute(5), ipsec_spi(5), ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5), ipsec_pf_key(5)


Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Richard Guy Briggs.


Paul Wouters

placeholder to suppress warning

Referenced By

ipsec_eroute(5), ipsec_spi(5), ipsec_spigrp(5), ipsec_tncfg(8).

02/01/2019 libreswan Executable programs