[strongSwan] Basic failover question
Noel Kuntze
noel at familie-kuntze.de
Sat Mar 25 00:56:47 CET 2017
On 23.03.2017 11:34, Hoggins! wrote:
> - shouldn't the client try to reestablish a connexion if DPD shows
> that there is no answer, like... quite fast ?
Depends on the retransmission settings it uses.
> - couldn't the "new" server just say to the client "back off man, I
> don't know your SAs, please just reauth with me, and we'll see what we
> can do" ?
Maybe. I don't know if there's something in the RFCs about that. However, any message
would be unauthenticated, so the client would probably ignore it.
--
Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170325/803e22e3/attachment.sig>
More information about the Users
mailing list