[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTION: 4.3 Dead peer detection



| 
| Please discuss and answer this question:
| 
| 
| 4.3 Dead peer detection
| 
| 4.3.A) Both JFK and IKEv2 provide dead peer detection via a
| "keep-alive" mechanism.  The functionality provided is roughly
| identical.  Does anyone care about how low-level implementation
| details of IKEv2 and JFK?
| 

Details of this type of functionality is absolutely necessary for
interoperability. For example, with JFK what would be the inner addresses 
of the ping for a tunnel setup between two gateways?

| 4.3.B) Should the working group consider other schemes which provide
| the same functionality as dead peer detection?  (i.e., birth
| certificates, see section 3.5 in draft-ietf-ipsec-soi-features-01.txt)
| 

Yes, a more proactive solution would help speed up the recovery process
after a system crash. Note that for those systems that do not have a way
of storing incrarnation numbers across a reboot, the initial-contact
message would be acceptable.

| Implications from the Scenarios:
| 
| [none]