<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Microsoft Theme 2.00" content="Sky 011">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Verdana;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        font-size:12.0pt;
        font-family:"Verdana",sans-serif;
        color:#282A55;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {mso-style-priority:34;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        font-size:12.0pt;
        font-family:"Verdana",sans-serif;
        color:#282A55;}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"Calibri",sans-serif;
        color:windowtext;
        font-weight:bold;
        font-style:normal;
        text-decoration:none none;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri",sans-serif;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:14036589;
        mso-list-type:hybrid;
        mso-list-template-ids:-1036868648 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level2
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level3
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l0:level4
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level5
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level6
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l0:level7
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level8
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level9
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l1
        {mso-list-id:2133592311;
        mso-list-type:hybrid;
        mso-list-template-ids:1878053646 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l1:level1
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level2
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level3
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l1:level4
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level5
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level6
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l1:level7
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level8
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l1:level9
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" background="cid:image001.gif@01D7E778.C372A040" lang="EN-US" link="#3B00CA" vlink="#093384" style="word-wrap:break-word">
<img src="cid:image001.gif@01D7E778.C372A040" v:src="cid:image001.gif@01D7E778.C372A040" v:shapes="_x0000_Mail" width="0" height="0" class="shape" style="display:none;width:0;height:0"><!--[if gte mso 9]><xml>
<v:background id="_x0000_s1025" o:bwmode="white" o:targetscreensize="1024,768">
<v:fill src="cid:image001.gif@01D7E778.C372A040" o:title="background_sky" type="frame" />
</v:background></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Hello,<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Experiencing an issue with version 5.8.0. We have two gateways in an HA arrangement. When the current master goes down, the backup takes over ok but when
 the old master comes backup (as the back up) and attempts to the re-sync the tunnel list from the new master (took over for the old master when the master was rebooted), I see the following msgs in the charon.log:<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:40.571 01[CFG] HA: accepted new connection request from fd00:2600:2600:115:1::1  # The rebooted old master is now coming back up<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:40.571 01[CFG] HA: successfully accepted incoming connection                                         # The rebooted old master starts its strongswan
 HA “sync” connection to us (the new master)<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.569 05[CFG] resyncing HA segment 1<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.995 05[CFG] HA: failed to receive 4 bytes : Connection reset by peer<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.995 05[CFG] HA: failed to read size (4 bytes)<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.995 05[CFG] HA: pulling message failed<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.995 05[DMN] thread 5 received 11                                                                                       # charon crashes??<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.995 06[CFG] HA: failed to send 17284930 bytes: Bad file descriptor<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.995 01[CFG] HA: accepted new connection request from fd00:2600:2600:115:1::1<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:41.995 01[CFG] HA: successfully accepted incoming connection<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:42.615 00[LIB] openssl FIPS mode(1) – enabled                                                                      # charon restarts ???<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:42.622 00[CFG] crl caching to /etc/ike/swanctl/x509crl enabled<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nov 30 04:10:42.622 00[CFG] loaded 0 RADIUS server configurations<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">3 questions:<o:p></o:p></span></b></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoListParagraph" style="color:windowtext;margin-left:0in;mso-list:l1 level1 lfo2">
<b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">The crash appears to have been caused by the “pulling message failed condition?<o:p></o:p></span></b></li><li class="MsoListParagraph" style="color:windowtext;margin-left:0in;mso-list:l1 level1 lfo2">
<b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">I don’t find a core anywhere, should charon have generated a core as result of the “thread 5 received 11” condition?<o:p></o:p></span></b></li><li class="MsoListParagraph" style="color:windowtext;margin-left:0in;mso-list:l1 level1 lfo2">
<b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Are there significant HA fixes/enhancements in strongswan 5.9.x ? Maybe we should upgrade?<o:p></o:p></span></b></li></ol>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">thx<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:windowtext">Dave Finley<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:windowtext"><a href="mailto:df1672@att.com"><span style="color:#0563C1">df1672@att.com</span></a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:windowtext">(630) 719-4391  (desk)<b><o:p></o:p></b></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:windowtext">(630) 740-5198  (mobile)<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>