[Openswan Users] keepalives?
Jacco de Leeuw
jacco2 at dds.nl
Thu Feb 10 11:24:01 CET 2005
Tomasz Grzelak wrote:
>>I don't think you are using L2TP/IPsec
> What do you think by this?? I don't get it, but in my oppinion I am using
> L2TP/IPSec... And I am rather sure about that :)
Oh, sorry. I figured you were not using L2TP because 1) otherwise you would
have mentioned it and 2) there is lots of periodic traffic with L2TP/IPsec
which would drown out the 'once every 30 seconds' packets that you reported.
> you're right about those keepalives, there may be, but 'man ipsec.conf' also
> says something about keepalives through 'dpd*' options. I thought of the udp
> packets as of ipsec keepalives... maybe I thought wrong, I don't know yet.
If you use L2TP/IPsec, you can forget about using those DPD parameters.
The Windows built-in IPsec client ignores DPD. I don't know if Microsoft
is doing dead peer detection at the L2TP or PPP layer instead, I haven't
looked into it yet.
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users