[strongSwan] SIGHUP

yordanos beyene yordanosb at gmail.com
Thu Dec 6 11:00:10 CET 2012


Thank you Martin for the prompt clarification. I appreciate.
It is good to know existing connections will continue to operate without
any interruption.

Jordan.

On Thu, Dec 6, 2012 at 1:01 AM, Martin Willi <martin at strongswan.org> wrote:

> Hi Jordan,
>
> > I need to initiate SIGHUP for strongswan to pick up configurations in
> > strongswan.conf.
>
> SIGHUP reloads strongswan.conf and tells all plugins to reload its
> configuration. But this is currently supported in a few plugins only,
> namely eap-radius, attr and (partially in) pkcs11.
>
> > I want to confirm if this still holds true with strongswan 5.0
>
> Yes.
>
> > 1. Do all updates to "strongswan.conf" require SIGHUP? Are there any
> > configurations that may still require ipsec stop and ipsec start?
>
> strongswan.conf is reread after SIGHUP, but this does not mean that new
> options apply automatically. Some options are fetched for each newly
> established connection (such as retransmission parameters), these apply
> to newly established connections. Others for long-lived infrastructure
> are read during startup, a restart is required to change them.
>
> > 2. Does SIGHUP stop active IPsec connections.
>
> No.
>
> Regards
> Martin
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20121206/29c11c35/attachment.html>


More information about the Users mailing list