IPSEC kernel configuration API PF_KEY will be deprecated

Solution Verified - Updated -

Issue

  • From RHEL9.3 when the af_key module is loaded the following dmesg appears:
Warning: Deprecated Driver is detected: PF_KEY will not be maintained in a future major release and may be disabled

"NET: Registered PF_KEY protocol family" message is expected and has always appeared. The af_key is loaded by "modprobe af_key" or whenever a program (such as the one below) requires it.

#include <sys/socket.h>
#include <linux/pfkeyv2.h>
int main(){
  socket(PF_KEY, SOCK_RAW, PF_KEY_V2);
}

Environment

  • Red Hat Enterprise Linux 9.3
  • IPSEC

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content