[Openswan dev] [PATCH] Forget about NAT-T in DPD activity check
Herbert Xu
herbert at gondor.apana.org.au
Thu Oct 6 15:47:18 CEST 2005
On Thu, Oct 06, 2005 at 05:20:18AM +0200, Paul Wouters wrote:
>
> I think part of the idleness check is also to prevent 'make deads'. If
> your link is note idle bug congested, sending out a keep alive might get
> it dropped, and if it happens a few times (the user is not done with
> bittorrent) the tunnel would be incorrectly torn down.
Are you saying that it'd be better to not send out keep alives in this
case?
If so then you definitely want to get rid of that NAT-T check because
it can only cause more DPD probes to be sent, not less.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Dev
mailing list