Yoav Nir <ynir.i...@gmail.com> wrote:
> - Although it is implied, it should be stated explicitly that
> TS_MAX_QUEUE does not mean no more child SAs with these TS ever. As
> some child SAs get deleted and perhaps not rekeyed if they’re idle, if
> traffic picks up again, new child SAs with these TS can be created
> until the peer again blocks you with a TS_MAX_QUEUE.Do you think it be better for each end to announce a maximum ahead of time? (At negotiation of the first child SA) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- *I*LIKE*TRAINS*
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
