Software defined networking (SDN) comprises a plurality of hosts (e.g., endpoints) in communication over a physical network infrastructure, each host having one or more virtualized computing instances such as virtual machines (VMs) or containers that are connected to one another over logical overlay networks that are decoupled from the underlying physical network infrastructure. SDN may utilize distributed network encryption (“DNE”), which is a functionality created within the SDN framework to simplify key management associated with IP Security (IPSec). Using DNE, each endpoint within a network of endpoints receives or derives security parameter index (SPI) values, used to identify a corresponding security association established with other endpoints, as well as encryption/decryption keys to utilize in exchanging data packets with other endpoints in the network in an IPSec secured manner. For example, data packets may be encrypted at a source endpoint using a symmetric encryption/decryption key, transmitted to a destination endpoint, and decrypted at the destination endpoint using the same encryption/decryption key. In some cases, an SPI value is stored in an IPSec header of a data packet when the data packet is being encrypted at the source endpoint using the encapsulating security payload (ESP) protocol. After receiving the encrypted packet, the destination endpoint may extract the SPI value from the IPSec header and use it to identify a security association that stores the encryption/decryption key that the data packet was encrypted with at the source endpoint. In some cases, however, after the destination endpoint decrypts the data packet using the encryption/decryption key, it strips the IPSec header off the packet. This may then leave other modules in the operating system environment of the destination endpoint without access to the SPI value and, therefore, unable to perform some functionalities.
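The receive path described above, as an added example that is not code from the original page: it models only the SPI and sequence-number fields of the ESP header (RFC 4303), omits the ESP trailer and integrity check value, and uses a SHA-256 keystream XOR as a stand-in for the real cipher. The SPI value, key, security association table layout and function names are constructed for illustration.

```python
import hashlib
import struct

ESP_HDR = struct.Struct("!II")  # ESP header: 32-bit SPI, 32-bit sequence number

# Constructed sample data (assumptions, not values from the page).
SAD = {0x1000A001: {"key": b"k" * 32, "peer": "endpoint-A"}}  # SPI -> security association
INNER = b"inner packet from VM1 to VM2"

def keystream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    """Stand-in symmetric cipher (SHA-256 keystream XOR); NOT a real ESP transform."""
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack("!IQ", seq, block)).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def esp_encapsulate(spi: int, seq: int, key: bytes, inner: bytes) -> bytes:
    """Source endpoint: encrypt the inner packet and prepend the header carrying the SPI."""
    return ESP_HDR.pack(spi, seq) + keystream_xor(key, seq, inner)

def esp_decapsulate(sad: dict, packet: bytes) -> bytes:
    """Destination endpoint: read the SPI, look up the SA, decrypt, strip the header."""
    if len(packet) < ESP_HDR.size:
        raise ValueError("packet shorter than the ESP header")
    spi, seq = ESP_HDR.unpack_from(packet)
    sa = sad.get(spi)
    if sa is None:
        raise LookupError(f"no security association for SPI {spi:#010x}")
    # Only the decrypted inner packet is returned: the header, and the SPI with it, is gone.
    return keystream_xor(sa["key"], seq, packet[ESP_HDR.size:])

def demo():
    """Return the SPI seen on the wire and the bytes handed to later modules."""
    spi = 0x1000A001
    wire = esp_encapsulate(spi, 1, SAD[spi]["key"], INNER)
    spi_on_wire = ESP_HDR.unpack_from(wire)[0]
    return spi_on_wire, esp_decapsulate(SAD, wire)

if __name__ == "__main__":
    spi, delivered = demo()
    print(f"SPI on the wire: {spi:#010x}")
    print(f"handed to later modules: {delivered!r}")
```

Whatever consumes the return value of `esp_decapsulate` sees only the inner packet, which is the situation the last two sentences of the paragraph describe.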