[hipl-users] Re: Server HIP state loss recovery

  • From: Robert Moskowitz <rgm@xxxxxxxxxxxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Wed, 27 Aug 2008 09:11:22 -0400

Miika Komu wrote:

Hi,

Robert Moskowitz wrote:

Hi,

I was playing with my firewall rules and decided to stop hipfw and hipd on the server, restart them, then try gftp again.

I did not cycle HIP on the client, only the server. Thus the client still had an SA for the server.

Regular stream of ESP packets. At no point was there evidence of a timeout behavior and a new HIP exchange; I had to recycle HIP on the client.

Killing hipd causes it to send CLOSE to its active peers, which deletes security associations at the peer. As you know, the userspace ipsec is a bleeding edge feature and it was missing support for deletion of SAs. This feature is available on a development branch, which I can merge as soon as I have tested the branch.

I have now merged this "delete sa" feature from Rene. Please replay and try again.

I am unclear about one step. After the tla replay, do I always run ./autogen.sh and THEN run make install???


