[Openswan dev] [PATCH] Forget about NAT-T in DPD activity check
Paul Wouters
paul at xelerance.com
Thu Oct 6 06:20:18 CEST 2005
On Thu, 6 Oct 2005, Herbert Xu wrote:
> I don't understand your point about directions. NAT-T keep-alive's
> only need to be transmitted in one direction to keep the connection
> alive.
Perhaps Michael can explain this better. It was his point I was trying
to iterate.
> As to the second point, it also doesn't affect whether the validity
> of the idleness check (at least for the native stack).
>
> What I'm saying is that whether NAT-T is turned on or not does not
> affect the validity of the idleness test. Therefore it makes no
> sense to skip the idleness check and always send DPD probes when
> NAT-T is turned on.
I think part of the idleness check is also to prevent 'make deads'. If
your link is note idle bug congested, sending out a keep alive might get
it dropped, and if it happens a few times (the user is not done with
bittorrent) the tunnel would be incorrectly torn down.
Michael?
Paul
--
"Happiness is never grand"
--- Mustapha Mond, World Controller (Brave New World)
More information about the Dev
mailing list