[strongSwan] Soft Lifetime set as "0" in SAD in data base
Reshma Begam
reshma.begam at gmail.com
Mon Apr 2 12:13:11 CEST 2012
Hi,
I had seen soft lifetime as 0 in SAD database and when this can happen?
can some one please comment. Following are the lifetime and margin values
used in our configuration.
ikelifetime (phase1) : 3600s
keylife (pahse2) : 1800s
rekeymargin : keylifetime/10 = 1800/10
rekeyfuzz : 100%
Setkey -D
====================
# setkey -D
source=10.69.211.113 destination=10.69.211.169
protocol=esp mode=tunnel spi=171795725(0x0a3d650d)
reqid=3(0x00000003)
encr-algo=aes-cbc
encr-key=d4ce82ab1a1a227042f7223be73992aa
auth-algo=hmac-sha1
auth-key=9813fe27b461ae4e21aa30b3c8d4d0d5e02e5beb
replay-window=32 flags=0x11000000 state=mature seq=1 pid=12331
created=2012-03-30/12:59:04 current=2012-03-30/13:20:49
elapsed=1305(s)
hard-lifetime=1800(s) expiration=2012-03-30/13:29:04
* soft-lifetime=0(s) renewal=2012-03-30/12:59:04 *
last-use=2012-03-30/12:59:05
bytes-processed=3005251 hard-lifebyte=0 soft-lifebyte=0
vrfid=0 xvrfid=0
source=10.69.211.169 destination=10.69.211.113
protocol=esp mode=tunnel spi=3393626443(0xca46a14b)
reqid=3(0x00000003)
encr-algo=aes-cbc
encr-key=33df05abedf86b9a83a66e4f4cb47058
auth-algo=hmac-sha1
auth-key=bbaa5769f326304efe20cfb978074f1252e09f18
replay-window=32 flags=0x10000000 state=mature seq=0 pid=12331
created=2012-03-30/12:59:04 current=2012-03-30/13:20:49
elapsed=1305(s)
hard-lifetime=1800(s) expiration=2012-03-30/13:29:04
soft-lifetime=1557(s) renewal=2012-03-30/13:25:01
last-use=never
bytes-processed=2222776 hard-lifebyte=0 soft-lifebyte=0
vrfid=0 xvrfid=0
--
Regards,
Reshma
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120402/68a7bb7c/attachment.html>
More information about the Users
mailing list