[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Do we actually need dynamic ports?
> - Keep a policy marker around and add or subtract relative to the marker
> - Delete the old SA and create a new one when you want to add or subtract
I hope you really mean:
"create a new one, cut over to it, then delete the old one after a
suitable delay to allow packets in flight to land"
And, if so, I think this is preferable -- it avoids any ambiguity of
interpretation with respect to the ordering of the selector add/delete
vs. traffic in flight.
- Bill