Re: [IPsec] HA protocol replay protection

2010-11-18 Thread Yaron Sheffer
Yes, in order to avoid replay issues, each side should be able to skip forward as much as it wants to.

Thanks,
Yaron

On 11/19/2010 07:32 AM, Pekka Riikonen wrote:
On Thu, 18 Nov 2010, Raj Singh wrote:
:> Cluster member to client:
:> - The counter I plan to use next (based on a traff

Re: [IPsec] HA protocol replay protection

2010-11-18 Thread Pekka Riikonen
On Thu, 18 Nov 2010, Raj Singh wrote:
: > Cluster member to client:
: > - The counter I plan to use next (based on a traffic/rekey rate estimate,
: > must be higher than the last message that was actually sent, otherwise it
: > might be rejected)
: >
:
: It will be better to jump this counter by

Re: [IPsec] HA protocol replay protection

2010-11-18 Thread Raj Singh
Hi Yaron,

Thanks for the comments. Ticket #205 created to track this.

On Thu, Nov 11, 2010 at 8:46 PM, Yaron Sheffer wrote:
> Hi,
>
> it seems to me we have created an overly complicated solution for replay
> protection of the Msg ID = 0 messages. Specifically, I think both the
> failover counter

Re: [IPsec] draft-ietf-ipsecme-ipsecha-protocol-02.txt

2010-11-18 Thread Raj Singh
Hi Tero,

Thanks for the comments. Opened Ticket #204 for the format error in the notification payload.

Regarding the second issue, some clarification is needed: the text meant that the message containing the IKEV2_MESSAGE_ID_SYNC notification is allowed with message id zero only. This doesn't mean that messa