[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SA byte lifetime



Hi,
  I am having some doubts regarding the use of SA byte lifetime. 
Specifically for the case in which an SA bundle has been negotiated, say AH 
and ESP, the number of bytes processed by the AH SA will be different from 
the number of bytes processed by the ESP SA. Normally, for SA bundle case, 
ESP packet is encapsulated by AH, so the number of bytes processed by the 
AH SA will always be more than the ESP SA. So, in that case, the AH SA will 
expire before the AH SA. Now the problem is :
1) Once the AH SA soft byte lifetime expires, should we :
	a) negotiate for the bundle again.- In this we are assuming that the ESP 
SA has also 			expired.
	b) negotiate for AH SA only - In this case, how ?

2) Once the AH SA hard byte lifetime has expired, should we delete the ESP 
SA also.

Thanks in Advance.

Awan Kumar Sharma
Software Engg.,
Future Software Ltd.,
Chennai - India



Follow-Ups: