VMware, Inc.
OPTIMIZED AND SCALABLE METHOD OF DETECTING DEAD INTERNET KEY EXCHANGE (IKE) PEERS

Abstract:

Certain embodiments described herein relate to a method for performing dead peer detection (DPD) by a local gateway. The method includes periodically examining one or more array elements of a timestamp array. The method further includes, for each of the examined one or more array elements, determining whether a corresponding idle timeout threshold is met. The method further includes, upon determining that the corresponding idle timeout threshold is not met, refraining from causing a notification to be transmitted to a peer gateway. The method also includes, upon determining that the corresponding idle timeout threshold is met, causing a notification to be transmitted to the peer gateway to determine whether the peer gateway is responsive with respect to a tunnel associated with the examined array element.