Inbound IPSec Processing

• If IPSec header is absent, the security layer checks SPD:

  • Output of SPD from selectors:
    • discard
    • bypass
    • apply: discard or process and pass to next layer

• If IPSec header exists, packet flows to IPSec layer, extracts

  • SPI
  • source address
  • destination address
  • IP datagram

Previous slide

Back to first slide

View graphic version