On Mon, 1 Aug 2005, Herbert Xu wrote:
On Mon, Aug 01, 2005 at 05:46:26AM +0200, Krzysztof Oledzki wrote:
Any new patches to test? ;)
As I said in an earlier message, you should patch racoon to delete
the old *outbound* SA when the new SA has been negotiated.
Did not receive this one, sorry :(. However, the same question was asked
to racoon developers and the answer was, that it is kernel job. They even
pointed that KAME IPSec stack can be tuned to (or not to) prefer old SA.
Best regards,
Krzysztof Olędzki
