[Openswan dev] DPD issue with multiple tunnels between two peers
mhopf at innominate.com
Wed Jul 11 03:33:43 EDT 2007
On Tue 10.07. 20:00, Benny Amorsen wrote:
> >>>>> "M-AH" == Mark-Andre Hopf <mhopf at innominate.com> writes:
> M-AH> From RFC 3706:
> M-AH> After some number of retransmitted messages, an
> M-AH> implementation SHOULD assume its peer to be unreachable and
> M-AH> delete IPSec and IKE SAs to the peer.
> I'm not sure what your point is.
It means that it is okay to delete ALL SAs to the peer.
mark-andre.hopf at innominate.com
senior software engineer innominate security technologies AG
development protecting industrial networks
tel: +49.30.6392-3284 fax: -3307 http://innominate.com
Pound for pound, the amoeba is the most vicious animal on earth.
More information about the Dev