[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: issues with IKE that need resolution
There is no recovery logic in IPSec, I guess. This sounds like an
IPSecond issue (and is also not really IKE-specific).
Dan.
On Tue, 15 Sep 1998 16:08:21 EDT you wrote
> Dan,
>
> Thanks for pointing out this statement in the standard, but.....what will be
>the
> connection recovery logic for an IPsec Client, which rebooted in the middle o
>f
> receiving IPsec traffic? If IPsec Client keeps silent - tt make take sender h
>ours
> before figuring out what happened.
>
> Daniel Harkins wrote:
>
> > Slava,
> >
> > Section 5.2.1 of draft-ietf-ipsec-arch-sec-07.txt states:
> >
> > Use the packet's destination address (outer IP header), IPsec
> > protocol, and SPI to look up the SA in the SAD. If the SA
> > lookup fails, drop the packet and log/report the error.
> >
> > Dan.
References: