Hi, When a CHILD_SA is rekeyed, there is a time when SAD will have two SA entries corresponding to the CHILD_SA that is rekeyed. In other words this is the time, when stack has received a correct response to CREATE_CHILD_SA Request and hence has installed the new SA in SAD, however it has yet not deleted the old SA entry from SAD.
During this time if a packet is to be sent out using the CHILD_SA, how do we know which SA Entry is to be used out of the 2 Entries. Thanks for your reply in advance. Regards Vivek _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users