Hello,
> > I am confused. Is this a notify of the server to the client, or a
> > configuration item by the server instructing client behaviour?
>
> It is notify from the server to client. I.e. client sends empty
> TIMEOUT_PERIOD_FOR_LIVENESS_CHECK in the CFG_REQUEST and
> server will send value in seconds inside its
> TIMEOUT_PERIOD_FOR_LIVENESS_CHECK in CFG_REPLY. I.e. the server asks client
> to use following livenss timeout period.
3GPP spec expects that if the client (User Equipment) supports the
TIMEOUT_PERIOD_FOR_LIVENESS_CHECK configuration attribute, then the client
(User Equipment) *enforces* the timer value indicated in the
TIMEOUT_PERIOD_FOR_LIVENESS_CHECK configuration attribute in CFG_REPLY sent by
server (Evolved Packet Data Gateway).
I.e. it is an intruction, not a suggestion.
It is supposed to work as follows:
first request --> IDi,
[N(INITIAL_CONTACT)],
[[N(HTTP_CERT_LOOKUP_SUPPORTED)], CERTREQ+],
[IDr],
[CP(CFG_REQUEST (*TIMEOUT_PERIOD_FOR_LIVENESS_CHECK
with empty value*) )],
[N(IPCOMP_SUPPORTED)+],
[N(USE_TRANSPORT_MODE)],
[N(ESP_TFC_PADDING_NOT_SUPPORTED)],
[N(NON_FIRST_FRAGMENTS_ALSO)],
SA, TSi, TSr,
[V+][N+]
first response <-- IDr, [CERT+], AUTH,
EAP,
[V+][N+]
/ --> EAP
repeat 1..N times |
\ <-- EAP
last request --> AUTH
last response <-- AUTH,
[CP(CFG_REPLY(*TIMEOUT_PERIOD_FOR_LIVENESS_CHECK
with a value selected by server*))],
[N(IPCOMP_SUPPORTED)],
[N(USE_TRANSPORT_MODE)],
[N(ESP_TFC_PADDING_NOT_SUPPORTED)],
[N(NON_FIRST_FRAGMENTS_ALSO)],
SA, TSi, TSr,
[N(ADDITIONAL_TS_POSSIBLE)],
[V+][N+]
Kind regards
Ivo Sedlacek
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
