[Swan-dev] does the address pool really share leases?
andrew.cagney at gmail.com
Thu Sep 26 20:58:43 UTC 2019
I'm trying to understand shared leases - while the code gives the
impression that arbitrary connections can share leases I suspect that
isn't true. Instead, I suspect there are two scenarios:
- where an SA shuts down (cleanly), so that the same lease might be
assigned when the SA later re-establishes, the id:lease pair
this doesn't involve sharing, but is only useful when leases can be
uniquely identified using the ID
- where a new CHILD SA is trying to steal an existing lease
. SAs establish with a lease assigned
. something goes wrong, an end starts bringing up a new SA and wants
to re-use the old lease (but it is still reserved by the old SA)
. since the IDs match the lease is shared
. when the new SA hits the kernel things get updated
. when the old SA gets zapped, the sharing stops
- is there anything else?
More generally, the second problem seems to have a lot in common with
connection instances - trying to pair up a new SA with an existing but
failing instance using the ID. Can (shared) leases only be assigned
to connection instances and vice versa?
More information about the Swan-dev