When Node-A sent a 1500 bytes packet to Node-B, Node-A marked IPsec-SA as used and count used-bytes up. But the packet may lost. In this case, Node-B can't count used-bytes. Even if Node-A think IPsec-SA is expired at this time, Node-B doen't think so. i.e. the states of IPsec-SA is mismatched. Racoon's strategy of rekeying is "Initiator do it." If Node-B is responder, Node-A doesn't start rekeying even if IPsec-SA is expired. That sounds like a bug in racoon. It seems that if either end is unsatisfied with the SA, that end should trigger a new one. But the key question is what the other implementions do, and what the standard says. That said, I can see the argument that especially with a 24h or less lifetime, AES doesn't need volume-based rekeying.
Description: PGP signature