2008/523 IPsec session failover
Darren J Moffat
Darren.Moffat at sun.com
Fri Aug 15 02:14:41 PDT 2008
I'm missing the bigger picture here, or failing to see where it is
covered in the materials.
Can someone draw me a simple picture of a multi node cluster using this
showing which IKE the client connects to originally and where and how
the SADB's are passed between the nodes.
I think I understand how the failover happens with the switch from IDLE
to MATURE. The part I'm missing is how all the SC nodes get the SADB
entries in the first place and how that is done securely.
I assume the IKE DPD functionality is generally useful for non SC
deployments but is required by this case.
--
Darren J Moffat
More information about the opensolaris-arc
mailing list