From: Babu S. <bab...@gm...> - 2010-08-26 13:41:59
We have a dual homing setup where one destination address (B) is not reachable. Destination address A is reachable and heartbeat messages go through to A. Heartbeat messages are continually being sent to B and an 'ICMP unreachable' message is received. This is as expected.

However, when we use IPSEC, we see a different behavior. As the destination address is not reachable, DPD (Dead Peer Detection) will cause the SAD entries to be removed. The heartbeat message to B triggers IKE but there is no response. The next heartbeat also triggers IKE and there is no response. This is the expected behavior. Now there are no more IKE messages. But as the heartbeat is continually being sent, shouldn't each message trigger an IKE?

Babu