A Quick Crash Detection Method for the Internet Key Exchange Protocol
RFC 6290, “A Quick Crash Detection Method for the Internet Key Exchange Protocol”, is a Proposed Standard document published in June 2011 by Y. Nir, D. Wierbowski, F. Detienne, P. Sethi. The canonical text is published by the RFC Editor.
Abstract
This document describes an extension to the Internet Key Exchange Protocol version 2 (IKEv2) that allows for faster detection of Security Association (SA) desynchronization using a saved token.
When an IPsec tunnel between two IKEv2 peers is disconnected due to a restart of one peer, it can take as much as several minutes for the other peer to discover that the reboot has occurred, thus delaying recovery. In this text, we propose an extension to the protocol that allows for recovery immediately following the restart. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 6290 is hosted at rfc-editor.org. Available in TXT and HTML.