[strongSwan] Tunnels "slowing"

Hoggins! hoggins at radiom.fr
Sat Oct 21 17:26:49 CEST 2017


Hello list,

I occasionally encounter a strange behavior that I can't really pinpoint
: a StrongSwan server of ours runs forever with a few connections (three
road warriors, and two site2site tunnels), but from time to time,
everything gets really slow, and the only solution is to restart the
StrongSwan service. Immediately, everything is as back as fast as it can be.

Meanwhile, we can't make any useful observation : no particular log, no
suspicious memory footprint, no dramatic change in CPU usage. It just
gets slower without any apparent reason.

I'm using the "client" and "server" terminology here, just because we
could consider we have kind of a star network : one concentrator (the
server), and several clients (the road warriors and the site2site
initiator routers).

My server version is :
    - Linux strongSwan U5.6.0/K4.13.4-200.fc26.x86_64 (Fedora 26 system)

My clients are :
    - Linux strongSwan U5.3.5/K4.4.0-97-generic
    - Linux strongSwan U5.5.1/K4.4.8
    - Linux strongSwan U5.6.0/K4.13.5-100.fc25.x86_64
    - Linux strongSwan U5.6.0/K4.12.14-200.fc25.x86_64

Is there anything I should look up to get more information ? The most
surprising thing for me is that I just need to restart the "server"
service to get things back at normal operation.

Thanks !

    Hoggins!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171021/2f29e2ff/attachment.sig>


More information about the Users mailing list