Re: Heartbeats (was RE: keepalives)

[Paul Koning <pkoning@xedia.com>]

>>>>> "Michael" == Michael C Richardson <mcr@sandelman.ottawa.on.ca> writes:

>>>>> "Bronislav" == Bronislav Kavsan <bkavsan@ire-ma.com> writes:
 Bronislav> If gateway protects internal subnet
 Bronislav> 199.34.57.0/255.255.255.0 and has internal address
 Bronislav> 199.34.57 27 - how Client would know this internal gateway
 Bronislav> address in order to ping it?  Do you

 Michael> My opinion is that clients don't do heartbeats, since they
 Michael> don't have 2000 SAs that they want to track.

But there are other reasons to do heartbeats.  For example, if you
want to verify that the security gateway still knows about your SAs
(so you can negotiate new ones if the old ones have vanished for some
reason).   As far as I can see, this "black hole detection" is a
valuable, perhaps the most valuable, benefit of heartbeat.

	paul

---

Follow-Ups:

• Re: Heartbeats (was RE: keepalives)
• From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

References:

• Re: Heartbeats (was RE: keepalives)
• From: Bronislav Kavsan <bkavsan@ire-ma.com>
• Re: Heartbeats (was RE: keepalives)
• From: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>

---

• Prev by Date: Re: heartbeats (summary of responses)
• Next by Date: RE: Heartbeats (was RE: keepalives)
• Prev by thread: Re: Heartbeats (was RE: keepalives)
• Next by thread: Re: Heartbeats (was RE: keepalives)
• Index(es):
  • Main
  • Thread