Hi Oliver,

> other than failures to get a response 
> out of the left side during a rekey

Why is that?  What causes this issue?

> Now, the tunnel comes up successfully, but errors are seen and it currently 
> appears that it fails in a bad way at renegotiation of ESP and only recovers 
> after the entire IKE resets.

Might be related to the issue above.

> The error is the following, repeated several times (appears to be one for each 
> right side subnet):
> Nov 19 15:27:17 prodege-rtr charon[6028]: 08[KNL] received netlink error: 
> Network is unreachable (101)
> Nov 19 15:27:17 prodege-rtr charon[6028]: 08[KNL] unable to install source 
> route for

More information on the routes in your routing tables at that time might
help (also compared to how they look when when you reset everything).


