[Openswan Users] problem making starter in openswan 2.3.1

Steve steve at wanalan.com
Fri Jul 15 11:23:13 CEST 2005

Paul Wouters wrote:

> On Fri, 15 Jul 2005, Steve wrote:
>> Compilation on kernel modules and other programs are fine but having 
>> problem during compilation of "starter" program:
> The "starter" is still a work in progres. That is the reason it is not 
> built
> per default yet. At the moment this is not the highest priority for 
> us. We
> have not looked at it for a while, and I am sure it is broken at this 
> point.
I see. I was just wondering if there is way to reread and reapply the 
configuration without manually restarting the ipsec. The description in 
the starter folder got my attention.

>> Also, just to confirm, DPD is enabled by default? Does not specifying 
>> any dpddelay or timeout would disable it?
> We always send the VendorID announcing that we support the DPD 
> capability.
> If no dpd paramters are present in *our* conn, we will not start sending
> DPD packets. Though if the other end sends a DPD packet, we will respond
> to it, as requires by RFC. This behavour changed somewhere in 2.1 or 2.2.
> Before that, we only sent the VendorID if we had dpd enabled for the conn
> ourselves.
> Paul
Yes, I saw this VendorID sent by this version and was so curious about 
it. Thanks for clarification!!


More information about the Users mailing list