Re: [Ipsec-tools-devel] Same traffic keys

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Patrick Ma wrote:
> There is a hard coded 30 second timer in the kernel that kicks off phase
> 1 negotiations.
>  
> http://lists.openwall.net/netdev/2007/05/25/14

As I read that code, the kernel's hardcoded that racoon2 has 30 seconds
to reply to SADB_ACQUIRE before it tries again. I don't think that's
related to either the racoon2 startup delay (which is not a fixed 30
seconds but varied with the number of tunnels) or the repeated keys.

Best regards,
Scott