Open Source IMS Client

For VoWiFi, we need to operate two nested IPsec layers: The outer layer on the SWu interface to the ePDG, and the inner layer on the IMS connection to the P-CSCF.

As far as I know, Linux doesn't support nested IPsec in the kernel. So we have a couple of different options, for example:

• don't use kernel IPsec but userspace IPsec for one of the two layers
• use network namespaces to separate the two IPsec instances
• running two different [virtual, physical] machines, possible during R&D only.