What is ISAKMPD?


IPsec does not handle key management!
keys can be configured manually or through a key management protocol

ISAKMP/IKE is the only protocol really in use

ISAKMP is composed of two phases 
negiotiated through a series of exchanges

Phase 1: "get to know your peer"
identification and authentication of peers
establishing a secure channel
negotiating SA properties

Phase 2: "establish the tunnels"
negotiating more SA properties
installing the flows into kernel (IPsec stack)

OpenBSD's IKE daemon is isakmpd(8)