[strongSwan] DPD Questions
T Cheung
tccheung1 at gmail.com
Wed Aug 8 19:10:10 CEST 2012
Hi Martin,
I understand about the 500 sec delay, but 15 minutes is 900 sec, so there
is obviously some other substantial delay.
Thanks,
Terry
On Wed, Aug 8, 2012 at 12:59 AM, Martin Willi <martin at strongswan.org> wrote:
> Hi Terry,
>
>> My value was set at 500 as shown above, but I didn't see the first
>> attempt to send an R-U-THERE query until over 15 minutes after I
>> terminated all communications between the peers
>
> If an ESP packet is received, the DPD delay timer is reset, as we know
> the SA is still up. So a first R-U-THERE is not sent before 500s after
> the last ESP/IKE packet from the peer has been seen.
>
> Regards
> Martin
>
More information about the Users
mailing list