Strongswan does not send a DELETE. Here is the pointer where Strongswan decides not to send a DELETE. ke_sa->delete() for a IKE SA that is rekeyed silently deletes itself: https://github.com/strongswan/strongswan/blob/master/src/libcharon/sa/ike_ sa.c#L1786 (note the 'break' and return DESTROY_ME).
On Mon, Aug 22, 2016 at 12:53 PM, Tobias Brunner <[email protected]> wrote: > Hi Noam, > > > > My question: How is the Cisco ASR supposed to know that the old > IKE SA > > > is no longer relevant? > > Because it is deleted? > > > > How is the peer supposed to know that it is deleted if it doesn't > > receive a DELETE message? > > It doesn't send one? I suppose that's problematic (however, DELETES in > IKEv1 are not really reliable anyway). > > Regards, > Tobias >
_______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
