[strongSwan] Charon recovery
Goshen, Ido (Ido)
igoshen at avaya.com
Wed May 25 15:58:45 CEST 2011
Hi,
I also experience what Mike is describing in
http://www.mail-archive.com/users@lists.strongswan.org/msg02447.html
Same thing but with pluto (IKEv1).
I probably miss something and don't understand how it could work:
In case pluto (or charon) crashes it can't clean the kernel's SPD/SADB.
When starter restarts it negotiates the same policy and will fail to
(re)add it to the SPD which fails QM completion on internal error.
I use setkey from some "other" package to monitor the kernel's SPD/SADB
and confirm that's the case (and also for flushing to recover).
Is there some similar tool in StrongSWAN for such operations?
Some things I had in mind:
1. Wouldn't it be good for starter to flush the SPD in case it
restarts pluto?
2. Can pluto ignore SPD addition failures when it already exists
and try to use what's already there?
Mike - I can't find response to your post. Were you able to resolve it?
Thanx,
- Ido
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110525/b85cc532/attachment.html>
More information about the Users
mailing list