Tacack, is the retransmissions sent after *rekey lifetime* or *rekey retransmit* timeout?
With regards Kings On Thu, Nov 11, 2010 at 1:14 PM, Vybhav Ramachandran <[email protected]>wrote: > Hello Kings, > > Well, i am observing something different. > > After i configure rekey retransmit 10 number 6 (*#rekey retransmit 10 num > 6*), and i shut down the GM's interface ( connecting to the KS ) after it > finishes registering, the rekeys are being retransmitted *6* times by the > KS. > > So the total number of rekeys sent are 1 + 6 = 7. > > I verified this using the *#debug crypto gdoi* *event *to verify this on > the KS. > > Note :Anytime During the 7 rekey transmissions , if the KS comes up anytime > in between, it gladly accepts the next rekey and responds with and ACK . But > after the 7the attempt, if the KS comes up , it has to re-register( > according to the doc-cd) before it can receive any more rekeys. > > The IOS version i'm using is 12.4(15)T10 and i'm using GNS3 to test out my > topology. > > Cheers, > TacACK >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
