Tero Kivinen <kivi...@iki.fi> writes:
Christian Hopps writes:I also need to point out that we are only talking about the case where the implementation doesn’t use a timer to timeout missing packets. We specifically added text highlighting that implementations are free to timeout missing packets much earlier if they so choose. Perhaps we should also highlight this again??I do not really see how this timer text helps, or at all related to this discussion:
I'm saying we should add new text that mentions the use of this drop timer to drop missing packets after a short waiting time instead of just waiting for it to slide out of the reorder window. Then there is no issue to discuss anymore AFAICT. Thanks, Chris.
Implementations that are
concerned about memory use when packets are delayed (e.g., when an SA
deletion is delayed), or non-IP-TFS uses of AGGFRAG mode, can of
course use timers to drop packets as well.
It seems to cover cases where SA is deleted or non-IP-TFS uses of
AGGFRAG mode, which are not a concern here.
Or non-IP-TFS uses of AGGFRAG mode might be relevant here, but I think
the issues are also for IP-TFS uses of AGGFRAG.
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
