[Openswan Users] keepalives?

Jacco de Leeuw jacco2 at dds.nl
Thu Feb 10 11:24:01 CET 2005


Tomasz Grzelak wrote:

>>I don't think you are using L2TP/IPsec 
> 
>   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>    What do you think by this?? I don't get it, but in my oppinion I am using    
> L2TP/IPSec... And I am rather sure about that :)

Oh, sorry. I figured you were not using L2TP because 1) otherwise you would
have mentioned it and 2) there is lots of periodic traffic with L2TP/IPsec
which would drown out the 'once every 30 seconds' packets that you reported.

> you're right about those keepalives, there may be, but 'man ipsec.conf' also 
> says something about keepalives through 'dpd*' options. I thought of the udp 
> packets as of ipsec keepalives... maybe I thought wrong, I don't know yet.

If you use L2TP/IPsec, you can forget about using those DPD parameters.
The Windows built-in IPsec client ignores DPD. I don't know if Microsoft
is doing dead peer detection at the L2TP or PPP layer instead, I haven't
looked into it yet.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list