[strongSwan] Charon recovery

Mike Spengler mks at foobox.com
Fri Oct 8 05:54:31 CEST 2010


Hi,

I'm trying to test StrongSwan's behavior in the case when the charon daemon
crashes - hasn't happened yet, but I want to handle things just in case. I'm 
just testing with just a single connection so far and only have the policy 
installed - no SAs have been setup. When I 'kill -11 charon', the starter 
successfully reforks charon but then charon tries to (re-)add the policy and 
fails (it still exists) and then it deletes the policy. If I manually do a 
'ipsec reload' it seems to get things going again. I've attached logfiles from 
starter and charon.

How is this recovery scenario supposed to work? Also, how are any existing SAs 
handled?

Thanks for any info,
-mike
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: starter.log
URL: <http://lists.strongswan.org/pipermail/users/attachments/20101007/6de94783/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: charon.log
URL: <http://lists.strongswan.org/pipermail/users/attachments/20101007/6de94783/attachment-0001.ksh>


More information about the Users mailing list