doc/src/responderstate.txt


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

                |
                | IKE main mode 
                |  phase 1
                V
        .-----------------.  
        | unauthenticated | 
        |     OE peer     |
        `-----------------'
                |
                | lookup KEY RR in in-addr.arpa 
                |             (if ID_IPV4_ADDR)
                | lookup KEY RR in forward
                |             (if ID_FQDN)
                V
        .-----------------.  RR not found
        |   received DNS  |---------------> log failure
        |     reply       | 
        `----+--------+---'
     phase 2 |        \      misformatted 
    proposal |         `------------------> log failure
             V
    .----------------.
    |  authenticated |  identical initiator 
    |     OE peer    |--------------------> initiator 
    `----------------'  connection found    state machine
         |
         | look for TXT record for initiator
	 |
         V  
   .---------------.
   |  authorized   |---------------------> log failure
   |    OE peer    |
   `---------------'
         |
         |
         V
    potential OE
    connection in
    initiator state
	machine


$Id: responderstate.txt,v 1.1 2004/03/15 20:35:24 as Exp $