Linux IPsec assumes transport layer handles packet retransmissions. IMHO, this is a fair assumption except that it can cause unnecessary delay to e.g. TCP connections, leading to lowered user experience.
So either it should reported to some other bugzilla or the description of this bug should be changed to "hipfw lacks a packet cache mechanism".
This is a "feature" in the Linux IPsec (see the first bullet):
http:// vger.kernel. org/~davem/ net_todo. html
Linux IPsec assumes transport layer handles packet retransmissions. IMHO, this is a fair assumption except that it can cause unnecessary delay to e.g. TCP connections, leading to lowered user experience.
So either it should reported to some other bugzilla or the description of this bug should be changed to "hipfw lacks a packet cache mechanism".