At least in the k8s setup I looked at the dirtyfrag were filtered (by default).

"XFRM SA registration requires CAP_NET_ADMIN".