[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(usagi-users 04021) Re: [patch] mip6d daemon: set the (K) bit according to KeyMngMobCapability option
Thank you for reply. Please find my comments inline.
This small patch for umip 0.4 aims to properly set the (K) bit in BU and
BA messages according to the KeyMngMobCapability option. If a
misconfiguration is detected, a message is generated. The information is
saved in the bule (MN) or bce (HA) data, and can be used later to check
if movement must be signaled to an IKE daemon.
AFAIK the RFC377 does not say anything about the K-bit change,
it is not so problem for MN side, however, it is required clarify for HA side.
Since the behavior is not defined, it seems correct to me to accept the
change on the HA. It adds more flexibility, IMHO.
With your patch HA accepts K-bit change for the existing BCE with
receiving every BU and it is too much as saying configuration mistake
You are right, it is not always a configuration mistake. But since there
is no difference in behavior if we set the bit or not in the Linux
implementation, and we always send the MIGRATE message which can be used
to migrate the IKE session; then I think the (H) flag should always be
set in this Linux implementation. This is the reason for the change.
With a proper racoon or racoon2 daemon (with patchs to support MIPv6)
then the IKE session survives.
Describe also why HA uses syslog when the K-bit change
detects while MN uses debug message.
It was mostly for consistency with the remaining of the file; please
change this to what fits best in your opinion.