Home
QNX Software Development Platform
QNX SDP is a cross-compiling and debugging environment, including an IDE and command-line tools, for building binary images and programs for target boards running QNX Neutrino 7.1.
OS Components & Operations
Core Networking Stack User's Guide
This guide introduces you to the QNX Neutrino Core Networking stack and its manager, io-pkt.
IP Security and Hardware Encryption
The io-pkt-v4-hc and io-pkt-v6-hc stack variants include full, built-in support for IPsec.
Setting up an IPsec connection: examples
Between two boxes manually
Suppose we have two boxes, A and B, and we want to establish IPsec between them.

QNX Momentics IDE User's Guide
This User's Guide describes version 7.1 of the Integrated Development Environment (IDE) that's part of the QNX Momentics tool suite.
QNX Software Development Platform
QNX SDP is a cross-compiling and debugging environment, including an IDE and command-line tools, for building binary images and programs for target boards running QNX Neutrino 7.1.
- Quickstart Guide
- OS Components & Operations
  - Adaptive Partitioning User's Guide
  - Boot Optimization Guide
    The Boot Optimization Guide describes techniques you can use to reduce the time from your board's initial power on until you have a fully functional QNX system running on the board.
  - Building Embedded Systems
    The Building Embedded Systems guide is intended for developers who are developing or building BSPs for QNX Neutrino RTOS embedded systems.
  - Core Networking Stack User's Guide
    This guide introduces you to the QNX Neutrino Core Networking stack and its manager, io-pkt.
    - Overview
    - Packet Filtering
    - IP Security and Hardware Encryption
      The io-pkt-v4-hc and io-pkt-v6-hc stack variants include full, built-in support for IPsec.
      - Setting up an IPsec connection: examples
        Between two boxes manually
        Suppose we have two boxes, A and B, and we want to establish IPsec between them.
        With authentication using the preshared-key method
        Consider the simplest case where there are two boxes, BoxA and BoxB. User A is on BoxA, User B is on Box B, and the two users have a shared secret, which is a string of hello_world.
      - IPsec tools
        The QNX Neutrino Core Networking uses the IPsec tools from the NetBSD source base and incorporates it into its source base.
      - Hardware-accelerated crypto
        The io-pkt-v4-hc and io-pkt-v6-hc managers have the (hardware-independent) infrastructure to load a (hardware-dependent) driver to take advantage of dedicated hardware that can perform cryptographic operations at high speed. This not only speeds up the crypto operations (such as those used by IPsec), but also reduces the CPU load.
    - Wi-Fi Configuration
    - Transparent Distributed Processing
    - Network Drivers
    - Utilities, Managers, and Configuration Files
      The utilities, drivers, configuration files, and so on listed below are associated with io-pkt.
    - Writing Network Drivers for io-pkt
      This appendix is intended to help you understand and write network drivers for io-pkt.
    - A Hardware-Independent Sample Driver: sam.c
    - Additional information
    - Glossary
  - Customizing a BSP
    While QNX provides Board Support Packages (BSPs) for many common platforms and their individual variants, in some cases, you need a BSP for a board that QNX does not provide. If this is the case, you can modify a QNX BSP or develop your own.
  - Device Publishers Developer's Guide
  - High Availability Framework Developer's Guide
  - High-Performance Networking Stack (io-sock) User's Guide
    This guide contains instructions for implementing and using the QNX Neutrino High-Performance Networking Stack and its manager, io-sock.
  - Instant Device Activation
  - Migrating to QNX SDP 7.1
  - PCI Server User's Guide
  - Persistent Publish/Subscribe Developer's Guide
  - Platform-independent Publish/Subscribe Developer's Guide
    This guide is intended for application developers who want to use the Platform-independent Publish Subscribe (PiPS) framework to exchange information with other applications. First, the overall PiPS design and data-exchange model are explained. Then, tutorials on using PiPS are given. These tutorials cover key tasks such as selecting a publish-subscribe provider to use and writing plugins that read and write custom data types.
  - QDB Developer's Guide
  - QNX Helpers Developer's Guide
    These libraries provide QNX helpers, including helpers that assist with logging, string conversion, and number and type sizes.
  - SMMUMAN User's Guide
  - System Analysis Toolkit (SAT) User's Guide
  - System Architecture
    The System Architecture guide accompanies the QNX Neutrino RTOS and is intended for both application developers and end-users.
  - Technotes
  - User's Guide
    The QNX Neutrino User's Guide is intended for all users of a QNX Neutrino RTOS system, from system administrators to end users.
- Audio & Graphics API
- Multimedia
- Networking Middleware
- Programming
- Sensor Framework
- System Security Guide
  The QNX System Security Guide is intended for both system integrators who are responsible for the security of a QNX Neutrino RTOS system and developers who want to create a QNX Neutrino resource manager free from vulnerabilities.
- Utilities & Libraries
QNX Hypervisor
The QNX Hypervisor allows you to run multiple OSs on a target system so you can separate critical and non-critical functions, support a wide variety of applications, and reduce hardware costs.
QNX Software in the Cloud
QNX Software in the Cloud enables developers to use the QNX software in Amazon Web Services (AWS) and Microsoft Azure (Azure).
QNX Advanced Virtualization Frameworks User's Guide
This User's Guide is aimed at all systems integrators and developers who want to design and build embedded systems using the QNX Advanced Virtualization Frameworks.
Typographical Conventions, Support, and Licensing
This section describes the typographical conventions used throughout the documentation and explains how to obtain technical support.

Between two boxes manually

Suppose we have two boxes, A and B, and we want to establish IPsec between them.

Here's how:

On each box, create a script file (let's say its name is my_script) having the following content:

#!/bin/ksh 
# args: This script takes two arguments:
#    - The first one is the IP address of the box that is to
#      run it on.  
#    - The second one is the IP address of the box that this
#      box is to establish IPsec connection to.
Myself=$1
Remote=$2

# The following two lines are to clean the database.
# They're here simply to demonstrate the "hello world" level
# connection.
#  
setkey -FP
setkey -F

# Use setkey to input all of the SA content.
setkey -c << EOF

spdadd $Myself $Remote any -P out ipsec esp/transport/$Myself-$Remote/require;
spdadd $Remote $Myself any -P in ipsec esp/transport/$Remote-$Myself/require;

add  $Myself $Remote esp 1234 -m any -E 3des-cbc "KeyIsTwentyFourBytesLong";
add  $Remote $Myself esp 1234 -m any -E 3des-cbc "KeyIsTwentyFourBytesLong";
EOF

On BoxA, run ./my_script BoxA BoxB, or give the IP address of each box if the name can't be resolved.
Similarly, on BoxB, run ./my_script BoxB BoxA.

Now you can check the connection by pinging each box from the other. You can get the IPsec status by using setkey -PD.

Page updated: March 12, 2026