[strongSwan-dev] [PATCH 0/5] Recover IKE_SA reset after successful IKE_SA_INIT
Thomas Egerer
thomas.egerer at secunet.com
Tue Jun 29 15:31:07 CEST 2010
Martin Willi schrobtete:
>> have experienced a growing number of queued IKE_INIT and IKE_NATD (one
>> task for every reset of the ike_sa to be precise).
>
> Hm, not obvious to me why this happens, as these tasks should have gone
> if we received the IKE_SA_INIT response. I'll have to test that.
Behold ;), the peer is unreachable, I should have mentioned this. So each single
time the ike_sa is restarted, it gets another two tasks queued that aren't removed
since the response of the peer is not received.
Thomas
More information about the Dev
mailing list