[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Daemon Recovery

To: Derrell Piper <piper@cisco.com>
Subject: Re: Daemon Recovery
From: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Date: Wed, 17 Sep 1997 16:21:27 -0400
Cc: "Theodore Y. Ts'o" <tytso@MIT.EDU>, "Suren Arockia S." <suren@teil.soft.net>, ipsec@tis.com
In-Reply-To: piper's message of Wed, 17 Sep 1997 13:06:33 -0700. <199709172006.NAA03570@pita.cisco.com>
Sender: owner-ipsec@ex.tis.com

Here's another concept which will allow for easier cleanup with less
risk of trouble in the presence of message reordering..

Include a "boot time" attribute in the isakmp negotiation.  (as a
footnote, this is a trick found in a number of other stateful
protocols, including the Rx RPC protocol used by AFS, the Apollo
NCS/DCE RPC protocol, and probably a few others).

The "boot time" is a value, monotonically increasing over all time,
chosen by each party in the protocol; you attach a boot time to each
SA. Your boot time should change any time you completely empty the SA
table (e.g., at reboot..).

When a peer notices a negotiation with a new boot time, it knows it
can flush all SA's which have an older boot time..

					- Bill

References:

Re: Daemon Recovery

From: Derrell Piper <piper@cisco.com>

Prev by Date: Re: Daemon Recovery
Next by Date: Re: Daemon Recovery
Prev by thread: Re: Daemon Recovery
Next by thread: Re: Daemon Recovery
Index(es):
- Main
- Thread