On Sun, May 4, 2014 at 11:53 PM, Syed Ajim Hussain <sye...@huawei.com> wrote: > Thanks for your reply, This problem happened in real scenario, > problem is- both the Tunnel end points are different vendor, > They handle it differently.
Near as I can tell there are two possible behaviors: two (or more) sets of SAs, or one set with each exchange resulting in new SAs that replace the old ones. If other behaviors result, I'd like to hear it! > We can defined this behavior in RFC, If the two behaviors result straightforwardly from the RFC as it stands and local implementation choices, then I don't see a need to "define", just describe. Publishing a new RFC to describe this seems a bit wasteful of resources. Nico -- _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec