[strongSwan] Query regarding stroke messages.
bhargav.1226 at gmail.com
Tue Apr 12 17:08:04 CEST 2016
I am doing below IPSec testcase.
Let's say IPSec tunnel is established between two ends[A ------------ B].
For some reason, B side tunnel went down, and couldn't notify A.
Lets say r1~v1 is conn name.
Now on A, I am doing "ipsec down r1~v1", which sends "ipsec stroke
terminate", trying to clear the tunnels and sends the DELETE notification
to other end. As the other end is down, A will not receive the DELETE
reply. And A is entering into retransmitt mode. And all the subsequent
stroke messages are in queue,because of retransmission mode.
When this is going on, I removed "r1~v1" in ipsec.conf and sent SIGHUP,
and added back the connection "r1~v1" in ipsec.conf and sent SIGHUP.
I am seeing all the stroke messages related to this conn[r1~v1] are in
queue, and once after 5 retransmitts all the pending stroke messages are
Queuing the stroke messages when conn is in retransmission mode, Is this
Is there anyway to prevent the retransmissions for specific Informationl
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users