Docker Swarm encrypted overlay network doesn't work with current Debian kernel 5.10.103-1 #43359

@MichaelMFrost

Description

After upgrading the kernel from 5.10.0-11-amd64 #1 SMP Debian 5.10.92-2 to 5.10.0-12-amd64 #1 SMP Debian 5.10.103-1, the encrypted
overlay network between the nodes ends in an error.

Steps to reproduce the issue:

  1. Use: The Current Debian Kernel (5.10.0-12-amd64 SMP Debian 5.10.103-1)
  2. Use: Docker 20.10.13
  3. docker network create -d overlay --opt encrypted=true TestNet
  4. Start containers with the network

Describe the results you received:

  • No TCP Connection between the containers possible
  • Log output:

Mar 10 14:18:31 srv01 dockerd[1297]: time="2022-03-10T14:18:31.277303894+01:00" level=warning msg="Failed Adding rSA{Dst: 10.55.2.11, Src: 10.55.2.10, Proto: esp, Mode: transport, SPI: 0xd457eb22, ReqID: 0xd0c4e3, ReplayWindow: 0, Mark: , OutputMark: 0, Ifid: 0, Auth: , Crypt: , Aead: {Name: rfc4106(gcm(aes)), Key: , ICV length: 64}, Encap: , ESN: false}: invalid argument"

Mar 10 14:18:31 srv01 dockerd[1297]: time="2022-03-10T14:18:31.277371111+01:00" level=warning msg="Failed Adding fSA{Dst: 10.55.2.10, Src: 10.55.2.11, Proto: esp, Mode: transport, SPI: 0x29ad0c9a, ReqID: 0xd0c4e3, ReplayWindow: 0, Mark: , OutputMark: 0, Ifid: 0, Auth: , Crypt: , Aead: {Name: rfc4106(gcm(aes)), Key: , ICV length: 64}, Encap: , ESN: false}: invalid argument."

Mar 10 14:18:31 srv01 dockerd[1297]: time="2022-03-10T14:18:31.277415765+01:00" level=warning msg="Adding fSP{{Dst: 10.55.2.10/32, Src: 10.55.2.11/32, Proto: 17, DstPort: 4789, SrcPort: 0, Dir: dir out, Priority: 0, Index: 0, Action: allow, Ifindex: 0, Ifid: 0, Mark: (0xd0c4e3,0xffffffff), Tmpls: [{Dst: 10.55.2.10, Src: 10.55.2.11, Proto: esp, Mode: transport, Spi: 0x29ad0c9a, Reqid: 0xd0c4e3}]}}: invalid argument"

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:
Docker-ce 20.10.13

Additional environment details (AWS, VirtualBox, physical, etc.):
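
The following is an added example, not part of the original issue or of Docker's code: a small log check that finds the failed IPsec state (rSA, fSA) and policy (fSP) installs shown in the log output above and groups them by node pair, so an operator can see which encrypted overlay peers are affected. The sample lines are constructed from the format quoted in the report, with documentation-range addresses; the function and variable names are assumptions.

```python
import re
import sys
from collections import defaultdict

# Constructed sample: three warnings modelled on the lines quoted in the report
# (documentation-range addresses, fields shortened) plus one unrelated line.
SAMPLE_LOG = """\
Mar 10 14:18:31 node1 dockerd[1297]: time="2022-03-10T14:18:31+01:00" level=warning msg="Failed Adding rSA{Dst: 192.0.2.11, Src: 192.0.2.10, Proto: esp, Mode: transport, SPI: 0x1, Aead: {Name: rfc4106(gcm(aes)), Key: , ICV length: 64}, ESN: false}: invalid argument"
Mar 10 14:18:31 node1 dockerd[1297]: time="2022-03-10T14:18:31+01:00" level=warning msg="Failed Adding fSA{Dst: 192.0.2.10, Src: 192.0.2.11, Proto: esp, Mode: transport, SPI: 0x2, Aead: {Name: rfc4106(gcm(aes)), Key: , ICV length: 64}, ESN: false}: invalid argument."
Mar 10 14:18:31 node1 dockerd[1297]: time="2022-03-10T14:18:31+01:00" level=warning msg="Adding fSP{{Dst: 192.0.2.10/32, Src: 192.0.2.11/32, Proto: 17, DstPort: 4789, Tmpls: [{Dst: 192.0.2.10, Src: 192.0.2.11, Proto: esp}]}}: invalid argument"
Mar 10 14:18:32 node1 dockerd[1297]: time="2022-03-10T14:18:32+01:00" level=info msg="unrelated message"
"""

# Matches a dockerd warning about adding an xfrm state or policy that ends in
# an error string after the closing brace, as in the report's log output.
XFRM_FAIL = re.compile(
    r'level=warning msg="(?:Failed )?Adding (?P<kind>[rf]S[AP])\{+'
    r'Dst: (?P<dst>[\d.]+)(?:/\d+)?, Src: (?P<src>[\d.]+)(?:/\d+)?,'
    r'.*\}: (?P<err>[^"]+?)\.?"'
)


def failed_xfrm_installs(log_text):
    """Group failed SA/SP installs by node pair: {(ip_a, ip_b): {kind: error}}."""
    failures = defaultdict(dict)
    for line in log_text.splitlines():
        m = XFRM_FAIL.search(line)
        if m:
            # Direction differs between rSA and fSA, so key on the unordered pair.
            pair = tuple(sorted((m["src"], m["dst"])))
            failures[pair][m["kind"]] = m["err"]
    return dict(failures)


if __name__ == "__main__":
    # Reads dockerd log text from stdin when piped, otherwise uses the sample.
    text = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin.read()
    for (a, b), kinds in sorted(failed_xfrm_installs(text).items()):
        detail = ", ".join(f"{k}: {e}" for k, e in sorted(kinds.items()))
        print(f"encrypted overlay peers {a} <-> {b}: {detail}")
```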
