I think one of the authors of l2tpd slightly misunderstood the meaning of the following part of RFC 2661:
5.8 Reliable Delivery of Control Messages [..] All control messages take up one slot in the control message sequence number space, except the ZLB acknowledgement. Thus, Ns is not incremented after a ZLB message is sent. The last received message number, Nr, is used to acknowledge messages received by an L2TP peer. It contains the sequence number of the message the peer expects to receive next (e.g. the last Ns of a non- ZLB message received plus 1, modulo 65536). While the Nr in a received ZLB is used to flush messages from the local retransmit queue (see below), Nr of the next message sent is not be updated by the Ns of the ZLB. l2tpd sends ZLBs with the recent Ns. Thats wrong. It should use Ns+1, but do not change the internal value of Ns. BTW: Why does l2tpd acknowlegde ICRQs? Thomas Walpuski
