Dan McDonald wrote:
Consider a threaded IKE daemon that has a socket open and bound to a local
port 500. (We'll leave out 4500 because the same issues apply there modulo
setting UDP_NAT_T_ENDPOINT...)
Now let's consider that this threaded daemon must not just receive all
packets for local port 500, but send them back with the same
source/destination addresses as received.
...
Their "better approach" is employed by our IKEv1 daemon, but it has problems
with file-descriptor limits (when many local addresses exist), and needing to
monitor routing-socket behavior for local-address additions and deletions.
...
The question I've got to ask is, why is the IKE daemon receiving packets for
so many different IP addresses?
Is it a required part of some protocol spec?
Or is it an application design thing?
Or...?
Darren
_______________________________________________
networking-discuss mailing list
[email protected]
