diff options
Diffstat (limited to 'man/ipsec.conf.5.in')
| -rw-r--r-- | man/ipsec.conf.5.in | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in index 6ddb05728..61804c8b3 100644 --- a/man/ipsec.conf.5.in +++ b/man/ipsec.conf.5.in @@ -349,13 +349,14 @@ liveliness of the IPsec peer. The values .BR hold , and .B restart -all activate DPD. If no activity is detected, all connections with a dead peer -are stopped and unrouted -.RB ( clear ), -put in the hold state -.RB ( hold ) -or restarted -.RB ( restart ). +all activate DPD and determine the action to perform on a timeout. With +.B clear +the connection is closed with no further actions taken. +.B hold +installs a trap policy, which will catch matching traffic and tries to +re-negotiate the connection on demand. +.B restart +will immediately trigger an attempt to re-negotiation the connection. The default is .B none which disables the active sending of DPD messages. |