Hi again, 2010/5/27 Yoav Nir <[email protected]>: > How about the following text? > > 3.8 Allocation of SPIs > SPIs for child and IKE SAs MUST be unique with the same peer. However, in > a cluster, both members may create SAs and assign SPIs to them, so a > collision is possible. We believe that peers should not be required to > accept duplicate SPIs for different SAs, and that this needs to be > prevented by the cluster members by some out-of-scope method.
It's fine for me. Best regards. JMC. > > Yoav > > -----Original Message----- > <snip/> > > 3. The Problem Statement > > <JMC> > I didn't see anything about potential collisions (e.g. SPI for a > specific SA on a member of the cluster is already used on another > member) during a failover: is such an issue out of scope? > <JMC> > > <snip/> > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
