[strongSwan] Query regarding DPD with Linux
Andreas Steffen
andreas.steffen at strongswan.org
Fri Jun 10 12:10:13 CEST 2011
Hello Malik,
we are using policy_use_time, because the state_use_time gets set
only once when the first packet is processed and is never updated
after that.
Regards
Andreas
On 10.06.2011 06:18, sandeep malik wrote:
> Hi Andreas,
>
> I was trying to go through the DPD implementation of strongswan w.r.to
> <http://w.r.to> Linux 2.6 kernel. We are using the Linux 2.6.35 kernel
> and need you help in understanding how strongswan implements DPD for Linux.
>
> When I did some googling I found you had a discussion with Herbert
> regarding this and he suggested to use the policy use_time for
> implementing the DPD with Linux. I have following queries:
>
> Does strongswan uses the policy use_time or state use_time for both
> IKEv1 and IKEv2?
>
> How does this help as per my understanding DPD shall use tunnel use_time
> as there might be a scenario where in single policy have multiple SA's
> and one of the SA might be active while rest inactive but the DPD won't
> be triggered for inactive SA's as the policy use_time will keep on updating.
>
> Regards,
> Malik
--
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list