diff options
author | Tobias Brunner <tobias@strongswan.org> | 2015-11-18 14:51:13 +0100 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2015-11-18 14:55:15 +0100 |
commit | 45c5b992e04a6b25c29c4f5fbe0d4934876d8a07 (patch) | |
tree | 6f63470ba7d73e498ee5c3c71d58d569e63ebf64 /man/ipsec.conf.5.in | |
parent | 5461efe7b90f83099c42c8b922d6917a6c1757b6 (diff) | |
download | strongswan-45c5b992e04a6b25c29c4f5fbe0d4934876d8a07.tar.bz2 strongswan-45c5b992e04a6b25c29c4f5fbe0d4934876d8a07.tar.xz |
man: Update description of the actions performed for different dpdaction values
For instance, charon does not unroute `auto=route` connections with
`dpdaction=clear`.
Diffstat (limited to 'man/ipsec.conf.5.in')
-rw-r--r-- | man/ipsec.conf.5.in | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in index 6ddb05728..61804c8b3 100644 --- a/man/ipsec.conf.5.in +++ b/man/ipsec.conf.5.in @@ -349,13 +349,14 @@ liveliness of the IPsec peer. The values .BR hold , and .B restart -all activate DPD. If no activity is detected, all connections with a dead peer -are stopped and unrouted -.RB ( clear ), -put in the hold state -.RB ( hold ) -or restarted -.RB ( restart ). +all activate DPD and determine the action to perform on a timeout. With +.B clear +the connection is closed with no further actions taken. +.B hold +installs a trap policy, which will catch matching traffic and tries to +re-negotiate the connection on demand. +.B restart +will immediately trigger an attempt to re-negotiation the connection. The default is .B none which disables the active sending of DPD messages. |