Generating policies is just half of the story. Generated policies
must be maintained, and I want a discussion on this maintenance.
1) How long should a generated policy be kept?
a) until at least one of Phase1 or Phase2 SAs corresponding to it is
b) configured period of time from creation;
c) configured period of time after (1a) condition is met;
2) What should happen when a client with the same ID successfully
negotiates a Phase1 SA from a different address?
a) generated policies for the previous address should be removed and
ones for the new address generated;
b) just generate policies for the new address.
3) Racoon exits (normally, via SIGTERM signal). Should it clean
4) Racoon crashes and a new racoon process is started. How could it find
policies generated by the previous process? Should we store generated
a) single file;
b) filesystem based database (one generated SPD entry -> one [or
c) where available, use "reserved" tags "racoon_generated" for SPD
entries and advocate support of tags in linux kernel
d) nothing should be done -- admin should flush SPD before starting
5) In (4) scenario what kind of recovery is needed:
a) finding generated policies; removing ones which do not meet (1a);
b) negotiate new phase1 connections with parties where still valid
generated policies are found [and this way give them a chance to avoid
negotiation of new phase2 via no longer available phase1 SAs]
c) anything else?
In short, my opinions are:
1a, maybe 1c
3 no; but there should be some method [kill -USR1?] to ask racoon to
remove generated policies
4b, because I am not sure how successful advocacy would be for 4c
5a + 5b
Your opinions and additions are very welcome.
P.S. Derek, how many people are on the -devel list? How many opinions
can one hope to receive?
P.P.S. Re: non-backward-compatible changes - I'm waiting for CVS to
start working again.
GM Consult Group, UAB