Is anyone familiar with using "ip xfrm state set" command? I'm trying to nail up a tunnel with ESN enabled. I can nail up a tunnel with the following commands....but can't figure out how to enable Extended Sequence Numbers (ESN). The command I'm using to set state is as follows: ip xfrm state add src 10.2.0.1 dst 10.0.4.1 proto esp spi 0x00000301 mode tunnel replay-window 64 flag af-unspec aead "rfc4106(gcm(aes))" 0x112233445566778899001122334455667788990022334455667788990011223344556677 96 The ip xfrm man page doesn't explicitly explain esn...but there seems to be support for it in the iproute2 package. Note: I'm trying to nail up a tunnel w/o IKE. I have it working, but would like to enable ESN.
1. build a project on wrl6; 2. boot it; 3. run ip xfrm state set esn
