[strongSwan-dev] [PATCH] kernel-netlink: Allow to override xfrm_acq_expires value
Martin Willi
martin at strongswan.org
Mon Sep 23 10:52:45 CEST 2013
Hi,
> This patch allows strongswan to override xfrm_acq_expires default
> value by setting charon.plugins.kernel-netlink.xfrm_acq_expires in
> strongswan.conf.
Thanks for the patch, applied with some minor modifications to [1].
Please be aware that using a shorter acquire lifetime may help to raise
additional acquires, but can also be problematic if tunnel setup takes
longer than the configured value.
Best Regards
Martin
[1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=255b9dac
More information about the Dev
mailing list