[strongSwan] High latency (satellite) link : what can we improve ?

Hoggins! hoggins at radiom.fr
Tue Oct 24 17:53:30 CEST 2017


We sometimes use a satellite link for one of our site2sites tunnels, and
there are times when the tunnel simply stops working. Maybe we don't
wait enough for it to respawn by itself, but then we just restart the
StrongSwan daemon manually and we're good to go for another couple of hours.
Both ends have "make_before_break" enabled in charon.conf, so we would
assume that it's not a matter of timeout while reauthenticating. Could
it be ?

Basically, the satellite link adds up to 1.5s of roundtrip, maybe some
settings could be tuned in order to take this latency into account, and
ensure a connection without dropouts ?

Thank you !


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171024/478e3665/attachment.sig>

More information about the Users mailing list