R3303-HP HSR6800 Routers Security Configuration Guide

Rekey
If rekey parameters are configured on the KS, the KS periodically unicasts or multicasts (the default mode
is multicast) rekey messages to registered GMs to update their IPsec SAs or rekey SAs. The rekey
messages are protected by the current rekey SA on the KS. GMs authenticate the rekey messages by
using the public key that they received from the KS during registration. If a GM does not receive any rekey
messages before its IPsec SA or rekey SA expires, the GM re-registers to the KS. For more information
about rekey messages, see GROUPKEY-PUSH in RFC 3547.
KS redundancy
As shown in Figure 154, a group of KSs are deployed to achieve high availability and load sharing. One
KS is the primary KS, and others are secondary KSs. The primary KS creates and maintains keys,
advertises keys and GM information to secondary KSs, and sends rekey messages to registered GMs.
The secondary KSs do not generate keys. All the primary and secondary KSs can accept registrations
from GMs to achieve load sharing. Each secondary KS sends information about all registered GMs to the
primary KS.
Figure 154 KS redundancy
The KSs use a proprietary protocol of HP to perform primary KS election, data exchange, and keepalive
functions.
Primary KS election
The KSs elect the KS that has the highest priority as the primary KS. The priority of a KS is set
in Configuring GDOI KS redundancy. If multiple KSs have the same priority, the KS with the highest IP
address is elected as the primary KS.
When the primary KS fails, the other KSs re-elect a new primary KS.
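The election rule above, written out as an added example (this is illustrative code, not HP's proprietary KS protocol, and the KS names, priorities and addresses are constructed sample values): highest priority wins, ties go to the highest IP address compared numerically, and KSs that have failed are left out so the same function also models re-election.

```python
import ipaddress

# Constructed sample KS group (not from the guide): (name, priority, IP address).
# ks-a and ks-b share the top priority, so the IP address decides between them.
SAMPLE_KS_GROUP = [
    ("ks-a", 100, "10.1.1.9"),
    ("ks-b", 100, "10.1.1.10"),
    ("ks-c", 50, "192.168.1.1"),
]


def elect_primary(servers, failed=()):
    """Return the name of the KS that wins the primary election, or None.

    servers: iterable of (name, priority, ip) tuples.
    failed:  names of KSs that are down and must not be considered; passing
             the current primary here models re-election after it fails.

    Highest priority wins. Ties are broken by the highest IP address, compared
    as an integer rather than as a string (string comparison would rank
    "10.1.1.9" above "10.1.1.10" and pick the wrong KS).
    """
    candidates = [
        (priority, int(ipaddress.ip_address(ip)), name)
        for name, priority, ip in servers
        if name not in failed
    ]
    if not candidates:
        return None
    _, _, winner = max(candidates)
    return winner


def assign_roles(servers, failed=()):
    """Map every live KS name to "primary" or "secondary" after an election."""
    primary = elect_primary(servers, failed)
    return {
        name: ("primary" if name == primary else "secondary")
        for name, _, _ in servers
        if name not in failed
    }


if __name__ == "__main__":
    print(assign_roles(SAMPLE_KS_GROUP))
    # After ks-b fails, the remaining KSs re-elect.
    print(assign_roles(SAMPLE_KS_GROUP, failed=("ks-b",)))
```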
Data exchange
The primary KS exchanges data with secondary KSs to achieve data consistency and backup. The
primary KS advertises keys and GM information to secondary KSs, and the secondary KSs send
information about registered GMs to the primary KS.