1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
This tests the RFC3706 DPD implementation, with dpdaction=hold on east,
and dpdaction=hold on west.
This means both sides with %trap the eroute awaiting a new packet to
trigger reestablishment of the tunnel.
Order of Operations:
1) East sets up for tunnel
2) West initiates tunnel to east
3) We idle for 20 seconds, to prove that DPD R_U_THERE/R_U_THERE_ACKs work.
4) West blocks the DPD probe on eth0
BY BLOCKING INCOMING PACKETS
THIS MEANS DELETES CAN STILL REACH EAST!
5) Both sides trigger a DPD Timeout:
East puts the eroute into %trap
West puts the eroute into %trap
AND SENDS DELETES WHICH REACH EAST!
6) West removes the traffic block
7) West sends icmp packets to east, triggering a renegotiation of the tunnel
|
