Technical Summary
When an IPsec tunnel between two IKEv2 peers is
disconnected due to a restart of one peer, it can take
as much as several minutes for the other peer to discover
that the reboot has occurred. This delays the recovery
of the tunnel. This document describes an IKEv2
extension that allows discovery of the reboot almost
immediately after the rebooted system is active again.
Working Group Summary
There was consensus both that this is a problem that
needs to be solved and for the proposed solution.
Document Quality
Some vendors expressed interest in implementing this in their
IPsec gateways.
Personnel
Paul Hoffman (paul.hoffman@vpnc.org) is the document shepherd.
Sean Turner (turners@ieca.com) is the responsible AD.
Tero Kivinen (kivinen@iki.fi) is the expert reviewer.