[strongSwan] tunnel gets deleted after new CHILD_SA (strongswan 5.1.1-1)

Axel Zöllich a.zoellich at kirsch.zoellich.de
Tue Jan 7 15:07:12 CET 2014


This tunnel terminates after keylifetime:

conn jung
        ikelifetime=86400
        keylife=21600
        left=80.152.162.192
        leftsubnet=192.168.222.0/24
        leftid=217.86.157.103
        leftfirewall=yes
        right=217.86.157.103
        rightsubnet=192.168.1.0/24
        rightid=%any
        auto=start

Jan  6 21:46:41 08[CFG] received stroke: add connection 'jung'
Jan  6 21:46:41 08[CFG] added configuration 'jung'
Jan  6 21:46:41 04[CFG] received stroke: initiate 'jung'
Jan  6 21:46:41 04[IKE] initiating Main Mode IKE_SA jung[3] to 217.86.157.103
Jan  6 21:46:42 10[IKE] IKE_SA jung[3] established between 80.152.162.192[217.86.157.103]...217.86.157.103[217.86.157.103]
Jan  6 21:46:42 08[IKE] CHILD_SA jung{3} established with SPIs c5e479fd_i 43d756e0_o and TS 192.168.222.0/24 === 192.168.1.0/24

EVERY 30 seconds:
Jan  7 02:14:11 01[IKE] sending DPD request
Jan  7 02:14:11 01[ENC] generating INFORMATIONAL_V1 request 1701154480 [ HASH N(DPD) ]
Jan  7 02:14:11 01[NET] sending packet: from 80.152.162.192[500] to 217.86.157.103[500] (92 bytes)
Jan  7 02:14:11 10[NET] received packet: from 217.86.157.103[500] to 80.152.162.192[500] (92 bytes)
Jan  7 02:14:11 10[ENC] parsed INFORMATIONAL_V1 request 2191206639 [ HASH N(DPD_ACK) ]
[...]

Jan  7 03:41:00 10[IKE] CHILD_SA jung{3} established with SPIs ced7011d_i 43d756e7_o and TS 192.168.222.0/24 === 192.168.1.0/24 
Jan  7 03:46:42 16[IKE] closing expired CHILD_SA jung{3} with SPIs c5e479fd_i 43d756e0_o and TS 192.168.222.0/24 === 192.168.1.0/24 
Jan  7 05:47:59 05[IKE] received DELETE for IKE_SA jung[3]
Jan  7 05:47:59 05[IKE] deleting IKE_SA jung[3] between 80.152.162.192[217.86.157.103]...217.86.157.103[217.86.157.103]

What happens during the rekeying, and where are all these DPD requests coming from?


Axel



