A Traffic-Based Method of Detecting Dead Internet Key Exchange Peers
RFC 3706, “A Traffic-Based Method of Detecting Dead Internet Key Exchange Peers”, is an Informational document published in February 2004 by G. Huang, S. Beaulieu, D. Rochefort. The canonical text is published by the RFC Editor.
Abstract
This document describes the method detecting a dead Internet Key Exchange (IKE) peer that is presently in use by a number of vendors. The method, called Dead Peer Detection (DPD) uses IPSec traffic patterns to minimize the number of IKE messages that are needed to confirm liveness. DPD, like other keepalive mechanisms, is needed to determine when to perform IKE peer failover, and to reclaim lost resources. This memo provides information for the Internet community.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 3706 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 3705 High Capacity Textual Conventions for MIB Modules Using Performance History Based on 15 Minute Intervals
- RFC 3707 Cross Registry Internet Service Protocol Requirements
- RFC 3704 Ingress Filtering for Multihomed Networks
- RFC 3708 Using TCP Duplicate Selective Acknowledgement and Stream Control Transmission Protocol Duplicate Transmission Sequence Numbers to Detect Spurious Retransmissions
- RFC 3703 Policy Core Lightweight Directory Access Protocol Schema
- RFC 3709 Internet X.509 Public Key Infrastructure: Logotypes in X.509 Certificates
- RFC 3702 Authentication, Authorization, and Accounting Requirements for the Session Initiation Protocol
- RFC 3710 An IESG charter