[Openswan Users]
Paul Wouters
paul at xelerance.com
Wed Jan 26 22:06:45 CET 2005
On Wed, 26 Jan 2005, Nels Lindquist wrote:
> Recently I configured a Linksys WRT54GS with OpenWRT and OpenSWAN.
> Everything seems to be working properly, except that several times
> per day, the Intel IPSEC gateway decides the remote peer is gone:
>
> yxdgate pluto[1762]: "maei-yvrnet" #611: DPD: No response from peer -
> declaring peer dead
> yxdgate pluto[1762]: "maei-yvrnet" #613: deleting state
> (STATE_QUICK_I2)
> yxdgate pluto[1762]: "maei-yvrnet" #612: deleting state
> (STATE_QUICK_R2)
> pluto[1762]: "maei-yvrnet" #611: deleting state (STATE_MAIN_R3)
Well, good thing it works then :)
> Is there a known problem with DPD and the OpenWRT OpenSWAN, or is it
> more likely that the DSL connection is actually failing periodically?
I'd say your DSL failing is the most likely cause.
> Do I need to tweak the DPD settings on one or the other ends of the
> connection? Currently the default section contains the following:
>
> dpdaction=hold
> dpddelay=30
> dpdtimeout=120
I guess it depends on what you want to do. If these problems are so short you don't
notice them normally, you might want to increase dpdtimeout. But if these are real
problems, then throwing down the tunnels is probably a good thing.
Paul
--
"At best it is a theory, at worst a fantasy" -- Michael Crichton
More information about the Users
mailing list