[strongSwan] dhcp plugin, isc-dhcp vs dnsmasq
brent s.
bts at square-r00t.net
Mon Jan 14 11:47:04 CET 2019
On 1/14/19 5:12 AM, Harald Dunkel wrote:
> Hi folks,
>
> using isc-dhcp-server 4.3.5 on the peer network my laptop takes just
> a second to establish an IPsec connection (dhcp plugin involved, of
> course). Using dnsmasq 2.80 it takes at least 3 seconds, maybe 4.
>
> Can anybody reproduce this disadvantage of dnsmasq over isc-dhcp? Do
> you think it would help to support rapid commit (rfc4039) in the dhcp
> plugin?
>
> (strongswan is version 5.7.2 on the laptop and on the peers. Debian 9)
>
>
> Regards
> Harri
Harri-
I can't help with your original request, but I *would* be curious in
seeing where exactly this happens and what dnsmasq is doing for those
3-4 seconds -
can you enable log-dhcp in your dnsmasq.conf (and restart), and share
with us the output during a connection to strongswan? (obviously scrub
any sensitive parts as necessary.)
--
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190114/fd00119e/attachment.sig>
More information about the Users
mailing list