Please have a look at:
http://bugzilla.kernel.org/show_bug.cgi?id=4952
It should look familiar.
We were discussing this in depth a few weeks ago, but the
discussion tailed off and I don't know how close we came
to a consensus or what that consensus might be :-)
The crux of the matter, to reiterate, is that it is a non-trivial
problem to determine what existing SA entries are subsumed by a
newly inserted one. The kernel would need to execute a rather
complicated search in order to determine this SA set.
The subsequent argument states that actually, unlike the kernel,
the keying daemon does have some knowledge about what a new
SA entry might be replacing. And therefore, that userland
daemons such as racoon bear some responsibility in assisting
in the smooth and efficient switchover from the dying state
entry to the newly inserted SA.
Any comments or corrections on this?
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
