[strongSwan] Question regarding Drop dead packets

[Makarand Pradhan]

Good morning all,

We are running Strongswan 5.8.2.

Our dpddelay is set at 60 seconds and we have noticed that even though we are sending traffic, both ends are sending/receiving ISAKMP (Drop-dead) packets every 60 seconds.

The wiki also mentions that R_U_THERE's would go out only in the absence of traffic.

"dpddelay = 30s | <time>

defines the period time interval with which R_U_THERE messages/INFORMATIONAL exchanges are sent to the peer.
These are only sent if no other traffic is received."

Can anyone comment if this is the expected behaviour?

Kind rgds,
Makarand Pradhan
Senior Software Engineer.
iS5 Communications Inc.
5895 Ambler Dr,
Mississauga, Ontario
L4W 5B7
Main Line: +1-844-520-0588 Ext. 129
Direct Line: +1-289-724-2296
Cell: +1-226-501-5666
Fax:+1-289-401-5206
Email: makarandpradhan at is5com.com
Website: www.iS5Com.com

 
Confidentiality Notice: 
This message is intended only for the named recipients. This message may contain information that is confidential and/or exempt from disclosure under applicable law. Any dissemination or copying of this message by anyone other than a named recipient is strictly prohibited. If you are not a named recipient or an employee or agent responsible for delivering this message to a named recipient, please notify us immediately, and permanently destroy this message and any copies you may have. Warning: Email may not be secure unless properly encrypted.