[strongSwan] Data transfer stops
Tobias Brunner
tobias at strongswan.org
Mon Aug 7 11:03:45 CEST 2017
Hi Yuri,
> I've used lifetimes from my first mail.
That seems unlikely as the last logs show that the two peers rekey the
CHILD_SAs immediately after they got established. With lifetime=2m and
margintime=20s, and the default rekeyfuzz=100% the rekeyings should
happen randomly between 80 and 100 seconds after a CHILD_SA got
established (see [1]).
Regards,
Tobias
[1]
https://wiki.strongswan.org/projects/strongswan/wiki/ExpiryRekey#ipsecconf-Formula
More information about the Users
mailing list