[Openswan Users] When is _updown script called for dpdaction=restart
elison.niven at elitecore.com
elison.niven at elitecore.com
Fri Jun 8 10:23:29 EDT 2012
Hello,
I would like to understand when (at what time) the _updown script will be
called when IPSEC connection goes down and dpdaction is set to restart.
What parameters does this depend on ? IKE lifetime, SA lifetime, rekey,
rekeymargin, dpdtimeout, dpddelay ?
For dpdaction=hold/clear, the _updown script is called immediately when
peer is declared dead. Why can we not do the same for dpdaction=restart?
Consider this case : A connection is created with dpdaction=restart and
after the IPSEC SA is established, the network cable is unplugged. In how
much time will the _updown script be called?
Thanks,
Elison
More information about the Users
mailing list