> > No, all retransmissions of an IKE message with the same Message ID must be
> > binary identical.
> 
> Perhaps we could relax this requirement for this particular message though.
> This seems like a simple tightly-focused semantic change which gets us past
> the roadblock.

No, we cannot. Retransmissions are sent when no response is received. You don't
know whether the request or the response was lost. If you retransmit a packet
not equal to the original, then you don't know which packet the responder
received - first or second. I guess in your case you don't care, but in general
it's not appropriate.

> FWIW, regarding retransmission and message IDs, one thing I considered was
> not even using the message ID at all (e.g., let it be 0) but this seemed too
> radical as a first approach. :)
>
> If there really is no way to work around this, I suppose we just require
> retransmissions of CC info reports until they are ACKd or things are torn
> down b/c of drops (i.e., normal INFO exchange). It does feel like we are
> adding fragility here that isn’t really needed though. It makes the
> functioning of the unidirectional tunnel depend more heavily on the reverse
> direction traffic working when that isn’t actually needed for the tunnel to
> operate.

Yes, don't break IKE core things.

Regards,
Valery.

> Thanks,
> Chris.
> 
> 
> 
> >
> > Regards,
> > Valery.
> >
> >> Thanks,
> >> Chris.
> >
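
The ambiguity described in the reply above, shown as an added example that is not part of the original message or of any IKE implementation: a constructed simulation of an initiator that sends a modified "retransmission" under the same Message ID. Assumptions: the responder recognises retransmissions by Message ID alone and replays its cached response, the response is a bare acknowledgement, and all names and payloads are hypothetical.

```python
# Constructed simulation; class, function and payload names are hypothetical.

class Responder:
    """Processes each Message ID once and replays the cached response after that."""

    def __init__(self):
        self.cache = {}       # message_id -> response already sent
        self.processed = []   # request payloads the responder actually acted on

    def receive(self, message_id, payload):
        if message_id in self.cache:
            # Same Message ID seen before: treated as a retransmission,
            # so the cached response is replayed and the payload is ignored.
            return self.cache[message_id]
        self.processed.append(payload)
        response = b"ACK:%d" % message_id   # assumed empty acknowledgement
        self.cache[message_id] = response
        return response


def run(deliveries, message_id=1):
    """deliveries: list of (payload, request_arrives, response_arrives),
    all sent under the same Message ID.
    Returns (responses the initiator saw, payloads the responder processed)."""
    responder = Responder()
    seen = []
    for payload, request_arrives, response_arrives in deliveries:
        if not request_arrives:
            continue                      # request lost on the way
        response = responder.receive(message_id, payload)
        if response_arrives:
            seen.append(response)         # otherwise the response was lost
    return seen, responder.processed


# Case 1: the original request is lost, the modified retransmission arrives.
REQUEST_LOST = [(b"report-v1", False, False), (b"report-v2", True, True)]
# Case 2: the original arrives, its response is lost, then the modified
# retransmission arrives and only triggers a replay of the cached response.
RESPONSE_LOST = [(b"report-v1", True, False), (b"report-v2", True, True)]

if __name__ == "__main__":
    for name, case in (("request lost", REQUEST_LOST), ("response lost", RESPONSE_LOST)):
        seen, processed = run(case)
        print(name, "| initiator saw:", seen, "| responder processed:", processed)
```

In both cases the initiator sees the same single acknowledgement, yet the responder acted on a different payload, which is why the two packets have to be identical.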

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
