--- old/iked/ikev1/ikev1_natt.c	Fri Mar 27 12:09:53 2009
+++ new/iked/ikev1/ikev1_natt.c	Fri Mar 27 12:09:53 2009
@@ -46,6 +46,11 @@
 #include <string.h>
 #include <errno.h>
 
+#ifdef sun	/* XXX KEBE SAYS OpenSolaris extras */
+#define UDP_ENCAP_ESPINUDP_NON_IKE 1
+#define UDP_ENCAP_ESPINUDP 2
+#endif
+
 #include "racoon.h"
 
 #include "var.h"
@@ -296,16 +301,27 @@
 	if (!(iph1->natt_flags && NAT_DETECTED))
 		return;
 	if (!iph1->natt_options->float_port) {
+#ifndef sun	/* XXX KEBE SAYS OpenSolaris does keepalives in-kernel. */
 		/* Drafts 00 / 01, just schedule keepalive */
 		natt_keepalive_add_ph1(iph1);
+#endif
 		return;
 	}
 
 	set_port(iph1->local, iph1->natt_options->float_port);
 	set_port(iph1->remote, iph1->natt_options->float_port);
-	iph1->natt_flags |= NAT_PORTS_CHANGED | NAT_ADD_NON_ESP_MARKER;
 
+	iph1->natt_flags |= NAT_PORTS_CHANGED;
+
+#ifndef sun
+	/*
+	 * XXX KEBE SAYS OpenSolaris does keepalives in-kernel.
+	 * Also, we have in-kernel zero-spi addition.
+	 */
+	iph1->natt_flags |= NAT_ADD_NON_ESP_MARKER;
+
 	natt_keepalive_add_ph1(iph1);
+#endif
 }
 
 void
@@ -326,6 +342,7 @@
 			iph1->natt_flags |= NAT_ANNOUNCED;
 }
 
+#ifndef sun	/* XXX KEBE SAYS OpenSolaris does keepalives in-kernel. */
 /* NAT keepalive functions */
 static void
 natt_keepalive_send(void *param)
@@ -447,6 +464,7 @@
 		}
 	}
 }
+#endif
 
 #ifdef notyet
 static struct remoteconf *