[strongSwan] Potential bug in DPD implementation?

Julian Pawlowski julian.pawlowski at gmail.com
Thu Jul 8 17:42:14 CEST 2010


Hi folks,

I'm currently experiencing some buggy behavior with strongSwan on a
Vyatta VC6 box...

ipsec --version
Linux strongSwan U4.3.2/K2.6.31-1-586-vyatta

I already have a running discussion open on the Vyatta support board
and I was wondering if I might refer you to it directly:

"S2S VPN with dynamic peer not being up after IP change"
http://www.vyatta.org/forum/viewtopic.php?p=50421#50421

According to my analysis, it seems that after the dead peer was
detected, the tunnels are not cleaned up correctly, as I can still see
them in the output of "ipsec status". However, the logfile says that the
connection has been cleared...
It might also be that the Pluto daemon is ignoring the TTL from DNS
records, as the updated A record for my dyndns address is not known to
the pluto daemon until a manually forced tunnel cleanup... :-/

I'd highly appreciate anybody's feedback and support in this case,
thank you in advance!


Best regards from Munich
Julian



