[Openswan Users] 10 minute timeouts?

Matthew Claridge mclaridge at rwa-net.co.uk
Wed Dec 15 12:20:44 CET 2004

on 15/12/2004 11:51 Paul Wouters said the following:

> On Wed, 15 Dec 2004, Matthew Claridge wrote:
>> We've been running a script which sends a message through the vpn to 
>> an http server at the other end every second. The
>> replky is received almost immediately. However, every ten minutes, 
>> for a period of 3 seconds, the messages get lost,
>> presumably within the vpn somewhere.
>> We haven't narrowed down which end they're being lost at yet, 
>> although we have tcpdump traces to look at, but does anyone
>> know of any 10minute timeouts ot something similar which might 
>> explain this? We're at a loss to explain this and would
>> appreciate any ideas...
> Check the logfiles. Are you rekeying every 10 minutes?
> Are you using KLIPS or NETKEY? This might be a packet caching issue.
> Paul

Nothing seems to be happening on a 10 minute cycle in the logs. The SA 
is reestablished roughly every 8hrs, the ISAKMP every 6hrs and the 
reinit_secret event is every hour.....

I actually lied, its not running RHEL at all! Its Fedora FC2, so klips...

packet caching?


More information about the Users mailing list