[Openswan Users] 10 minute timeouts?
Matthew Claridge
mclaridge at rwa-net.co.uk
Wed Dec 15 12:20:44 CET 2004
on 15/12/2004 11:51 Paul Wouters said the following:
> On Wed, 15 Dec 2004, Matthew Claridge wrote:
>
>> We've been running a script which sends a message through the vpn to
>> an http server at the other end every second. The
>> replky is received almost immediately. However, every ten minutes,
>> for a period of 3 seconds, the messages get lost,
>> presumably within the vpn somewhere.
>>
>> We haven't narrowed down which end they're being lost at yet,
>> although we have tcpdump traces to look at, but does anyone
>> know of any 10minute timeouts ot something similar which might
>> explain this? We're at a loss to explain this and would
>> appreciate any ideas...
>
>
> Check the logfiles. Are you rekeying every 10 minutes?
>
> Are you using KLIPS or NETKEY? This might be a packet caching issue.
>
> Paul
Nothing seems to be happening on a 10 minute cycle in the logs. The SA
is reestablished roughly every 8hrs, the ISAKMP every 6hrs and the
reinit_secret event is every hour.....
I actually lied, its not running RHEL at all! Its Fedora FC2, so klips...
packet caching?
Matt
More information about the Users
mailing list