[strongSwan] what could cause strongswan 4.3.2 to freeze up

Simon Chan simon.chan3 at yahoo.ca
Wed Nov 2 18:40:56 CET 2011


Greetings,

Seeking advice on how to debug a recurring problem - charon appears to be frozen.

Symptoms:
---------
- Tunnels already established remained operational but no new connections were accepted. We verified with tcpdump that connection requests arrive at the box (a Vyatta VM) but /var/log/messages showed no charon activity.
- Log level: knl=2, ike=2. Up to the point of failure the log file had lots of entries like this:
charon: 10[KNL] querying policy 10.113.253.0/24 === 0.0.0.0/0 in 
- After the failure point no charon entries in the log file at all. Only entries from pam_unix and ntpd.
- Our remote peers are mobile and switch networks as they move around. Because no new connection could be set up, eventually all tunnels were down.
- OS seemed to be in good shape. Could login, run tcpdump, view logs, check ipsec status, top, ps aux, df etc, all normal.
- I was told that ipsec restart did not fix the problem. Rebooting the VM fixed it.
- This problem happened 3 times so far. Last time was 3 weeks ago.

The environment:
------------------
- Virtual Machine running Debian 5.0.4, 4G RAM (no mistake !), 2.6.32 kernel
- Disk usage is 25% of 4G
- Strongswan 4.3.2, both charon and pluto running. All connections are IKEv2.
- Total 40 tunnels, half were active when incident occurred.
- We use Mobike.

Anyone know what may cause this problem in 4.3.2? Any advice on how to debug this? What other log types (cfg, job, chld etc) should I turn on?

Appreciate your help.
sc