Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire

To:	Aidas Kasparas <a.kasparas@xxxxxx>
Subject:	Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire
From:	jamal <hadi@xxxxxxxxxx>
Date:	04 Apr 2005 09:09:19 -0400
Cc:	ipsec-tools-devel@xxxxxxxxxxxxxxxxxxxxx, netdev <netdev@xxxxxxxxxxx>, nakam@xxxxxxxxxxxxxx
In-reply-to:	<42513A2F.7020504@xxxxxx>
Organization:	jamalopolous
References:	<1112405303.1096.37.camel@xxxxxxxxxxxxxxxx> <424E454D.4090402@xxxxxx> <1112477326.1088.321.camel@xxxxxxxxxxxxxxxx> <424FA946.70809@xxxxxx> <1112538566.1096.391.camel@xxxxxxxxxxxxxxxx> <425067D9.9050603@xxxxxx> <1112618007.1096.465.camel@xxxxxxxxxxxxxxxx> <42513A2F.7020504@xxxxxx>
Reply-to:	hadi@xxxxxxxxxx
Sender:	netdev-bounce@xxxxxxxxxxx

To:

Aidas Kasparas <a.kasparas@xxxxxx>

Subject:

Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire

From:

jamal <hadi@xxxxxxxxxx>

Date:

04 Apr 2005 09:09:19 -0400

Cc:

ipsec-tools-devel@xxxxxxxxxxxxxxxxxxxxx, netdev <netdev@xxxxxxxxxxx>, nakam@xxxxxxxxxxxxxx

In-reply-to:

<42513A2F.7020504@xxxxxx>

Organization:

jamalopolous

References:

<1112405303.1096.37.camel@xxxxxxxxxxxxxxxx> <424E454D.4090402@xxxxxx> <1112477326.1088.321.camel@xxxxxxxxxxxxxxxx> <424FA946.70809@xxxxxx> <1112538566.1096.391.camel@xxxxxxxxxxxxxxxx> <425067D9.9050603@xxxxxx> <1112618007.1096.465.camel@xxxxxxxxxxxxxxxx> <42513A2F.7020504@xxxxxx>

Reply-to:

hadi@xxxxxxxxxx

Sender:

netdev-bounce@xxxxxxxxxxx

On Mon, 2005-04-04 at 08:59, Aidas Kasparas wrote:
> jamal wrote:
> > I think i have made a bad case of explaining.
> > Yes, I know where acquires terminate. However this is not about where
> > acquires terminate. It is insufficient to assume that a succesful
> > acquire to user space equates to successful interaction to the KE server
> > which will do an update.
> 
> Why?

The reason the kernel sends an acquire is to update larval SAs it
created. The result is either updating the SA or a rejection for that
matter. Else theres failure in communication.

Anology: If you are trying to send a message from one end system
to another and there are multiple hops between them, then just because
it made it to the first hop does not equate it made it to its final
destination. To make it to the final destination, the confirmation has
to come from the target end.
So if you said the KE was the final destination then kernel to user
space was the first hop.
I am not sure if this is clear as an analogy.

cheers,
jamal

<Prev in Thread]	Current Thread	[Next in Thread>
Re: IPSEC: on behavior of acquire, (continued) Re: IPSEC: on behavior of acquire, Thomas Graf Re: IPSEC: on behavior of acquire, Patrick McHardy Re: IPSEC: on behavior of acquire, Aidas Kasparas Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, Zilvinas Valinskas Re: IPSEC: on behavior of acquire, jamal Re: IPSEC: on behavior of acquire, Aidas Kasparas Re: IPSEC: on behavior of acquire, jamal Re: IPSEC: on behavior of acquire, Aidas Kasparas Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, jamal Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, Aidas Kasparas Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, jamal <= Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, Aidas Kasparas

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: take 2-2 WAS(Re: PATCH: IPSEC xfrm events, Herbert Xu
Next by Date:	Re: take 2-2 WAS(Re: PATCH: IPSEC xfrm events, jamal
Previous by Thread:	Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, Aidas Kasparas
Next by Thread:	Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, Aidas Kasparas
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: take 2-2 WAS(Re: PATCH: IPSEC xfrm events, Herbert Xu

Next by Date:

Re: take 2-2 WAS(Re: PATCH: IPSEC xfrm events, jamal

Previous by Thread:

Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, Aidas Kasparas

Next by Thread:

Re: [Ipsec-tools-devel] Re: IPSEC: on behavior of acquire, Aidas Kasparas

Indexes:

[Date] [Thread] [Top] [All Lists]