[Openswan dev] Phase 2 Negotiation Reliability
Herbert Xu
herbert at gondor.apana.org.au
Sun Sep 19 06:28:32 CEST 2004
On Sat, Sep 18, 2004 at 02:16:25PM -0400, Michael Richardson wrote:
>
> per-state would permit it to be different for quick_I1 vs main_R3, etc.
> I don't think it would be interesting on a per-connection basis.
Well I'm not sure whether you want to do this for main_R3. It'd be better
to turn on DPD early so that it can detect this and kill the state.
> Note you can also make the value infinite by setting retries=0. I
> think that this would work for the a responding only system.
You never want to set this to infinity. Otherwise if the initiator decides
to go away you're stuffed.
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Dev
mailing list