[Openswan dev] Small optimisation for lots of interfaces

David McCullough david_mccullough at au.securecomputing.com
Mon May 22 11:19:00 CEST 2006

Jivin Michael Richardson lays it down ...
> >>>>> "David" == David McCullough <davidm at snapgear.com> writes:
>     David> Using simple tunnels (ie., same two hosts, same secret, lots
>     David> of networks) I have seen the following pluto silently exit
>     David> sometime between 1000 and 2000 tunnels.  I cannot remember f
>     David> I saw it crash or not in this scenario.  Each tunnel was
>     David> exercised as it came up to enure data would pass through ok.
>   Did this ever get reproduced? Or solved?  

We have since done 1000 tunnel tests using both Openswan and Freeswan
without problems,  but we haven't ventured any further.

Call it closed if you like,  we will eventually get around to pushing
the tunnel limits again,  but it's not a priority right now so I cannot
put a timeframe on it.

>   Is it possible it was the kernel OOM code kicking in?

It definately wasn't the OOM killer,  the systems pretty much hose
themselves completely whenever that kicks in ;-)


David McCullough,  david_mccullough at securecomputing.com,   Ph:+61 734352815
Secure Computing - SnapGear  http://www.uCdot.org http://www.cyberguard.com

More information about the Dev mailing list