[strongSwan] problem with charon and dpdaction=restart

Wolfgang Walter wolfgang.walter at stwm.de
Thu Nov 11 10:58:50 CET 2010


I tried using dpdaction=restart so that charon tries to restart a tunnel if 
the physical connection broke.

Though, this seems not to work as expected (using strongswan 4.4.1).

It seems that one of the two sides of a tunnel always thinks that it failed to 
build a tunnel and then retries again and again, even though a tunnel 
has already been established. As we have a lot of tunnels (the central router 
has about 1500), our central VPN gateway (quad core) stops working properly.

Without dpdaction=restart all works fine (as long as no router is 
disconnected for about 3 minutes).

Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts
