[Openswan Users] dpdaction restart?
Paul Wouters
paul at xelerance.com
Tue Dec 14 10:20:01 EST 2010
On Tue, 14 Dec 2010, stefan.holmstrom at westermo.se wrote:
> DPD-actions "clear" and "hold" are explained in the readme.dpd
>
> But what does dpd-action "restart" do?
> I have also found devices using openswan that has "restart-by-peer" and "reset" as DPD options.
"reset" is not a valid option.
> Is there any descriptions about what these dpd-actions do and when to use them?
see "man ipsec.conf"
restart/restart_by_peer tries to bring the dead phase1 up again. The difference between
restart and restart_by_peer was supposed to be that if you have multiple phase2's,
they would all get restarted instead of just the phase1, though it seemed our code
always used restart_by_peer, which happens to also be what you would want.
Paul
More information about the Users
mailing list