Hello David, yes your calculation is correct.
Regards Andreas On 10/12/2010 04:05 AM, David Deng wrote: > Hi All, > > When I Initiated some testing about the IPsec rekey mechanism, and I > found the rekey lifetime seems like a randam number (according to the > fuzz setting) and I am so puzzled. > > I am wonder that if the following calculation method of IPsec rekey > lifetime is right: > > "IPsec rekey lifetime" = "lifetime" - (1 + "fuzz"%) * "margin" > > for example: > > if lifetime was set as 9m, and fuzz was set as 50, and margin was set as > 2, and then the "IPsec rekey lifetime" will be calculated as: > > 9 - (1+0.5)*2 = 6m > > > so the "IPsec rekey lifetime" will be in the scope of > 5 ~ 7 m > > is it right? > > > look forward to your answer! thanks a lot! > > > Besides, I found that the IPsec rekey lifetime still is a random value > even if the above function existed. so I have no any idea about the > IPsec rekey lifetime. > > can you explain how IPsec rekey mechanism work? thanks again! > > > Best wishes > > David Morris > ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
