[Openswan Users] Tunnel hibernation
Ferdinand O. Tempel
pw at linuxops.net
Sat Apr 9 13:18:58 CEST 2005
On Tue, 2005-04-05 at 11:15 +0200, Paul Wouters wrote:
> On Tue, 5 Apr 2005 pw at linuxops.net wrote:
>
> > I have an OpenSWAN server to which several clients (linux/OpenSWAN, BSD)
> > connect. The tunnels establish fine, and work too...for a while. After some
> > time of inactivity the ipsec tunnels seem to go into hibernation mode, and
> > traffic initiated from the client side is not getting through. However, when
> > the server side initiates traffic the tunnel comes back alive, and
> > communication back and forth is possible again. Currently I'm using OpenSWAN
> > 2.3.0 with KLIPS26 on a 2.6.10 kernel. I've also seen this behaviour with
> > NETKEY on the same kernel and config.
>
> This should be fixed in 2.3.1, which will be released soon. You can already
> try 2.3.1dr6. I have been running it for a few days, and most of my issues
> with 2.3.0 are gone, though I did require a restart twice on the server end,
> but my setup is rather complex and involves ppp devices vanishing regularly.
I've upgraded both server (kernel 2.6/x86) and client side (kernel
2.4/mipsel) to 2.3.1 (still using KLIPS), and I'm experiencing the same
issues with tunnels going silent until the server initiates traffic.
Server: 2.6.10/KLIPS26 2.3.1/openswan 2.3.1/ipsec0 bridged to a tuntap
device, but the same behaviour is seen with a "regular" setup.
Client: 2.4.20/mipsel/KLIPS 2.3.1/openswan 2.3.1
I've reported this to http://bugs.openswan.org with this text as a new
issue as I couldn't find an existing one.
Regards,
Ferdinand O. Tempel
More information about the Users
mailing list