[strongSwan-dev] strongswan 4.6.2: charon unstable/crashes when establishing a lot of connections
Daniel Palomares
palomaresdaniel at gmail.com
Tue Apr 17 17:26:17 CEST 2012
Hi,
If I'm not wrong IKE_SAs are stored in a linked list by default. So, the
performance
could get worst while the number of SAs increases. Tobias told me few days
ago that one could configure charon to use a hash table instead in order to
boost the IKA_SA lookup.
http://wiki.strongswan.org/projects/strongswan/wiki/IkeSaTable
Also try to log less than you would log by default. As Logging naturally
increases with the number of SAs. So , you could try to configure
strongswan.conf with logging values 0, 1 or even -1 to make it completely
silent.
http://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration
Also, I'm curious by knowing how long time does your strongswan's testbed
take to establish 3000 VPN connections?
BR
Daniel Palomares
2012/4/17 Martin Willi <martin at strongswan.org>
> Hi,
>
> > #3 element_create (value=0x8144ec0) at utils/linked_list.c:56
>
> To me this definitely looks like an out of memory situation.
>
> > We have enough RAM available on the Linux server (24 GB)
>
> There are many other memory limits than just the number of memory
> modules in your system. You're running strongSwan as a 32-bit
> application, so you should consider the size of your virtual address
> space. Also have a look at any memory related ulimits you have set.
>
> Regards
> Martin
>
>
> _______________________________________________
> Dev mailing list
> Dev at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20120417/f6ca61a9/attachment.html>
More information about the Dev
mailing list