[Openswan Users] fos_start and pluto crazy
Paul Wouters
paul at xelerance.com
Mon Nov 27 11:00:06 EST 2006
On Mon, 27 Nov 2006, Marco Berizzi wrote:
> Hi everybody.
> I'm running Openswan 2.4.7 on linux 2.6.18.3 (netkey).
> Yesterday evening I have shutdown one of our gateway
> (venezia), and restarted this morning.
> All went fine, but one of our gateways was quite slow
> because it was writing ton of:
>
> pluto[709]: "venezia" #2844: initiating Quick Mode
> RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS+UP {using isakmp#2829}
>
> to /var/log/secure
> It has also wrote ton of:
>
> pluto[709]: initiate on demand from 172.18.1.13:0 to
> 172.16.1.21:0 proto=0 state: fos_start because: acquire
>
> while the 'venezia' gateway was shutdown.
> Is there a way to control this behaviour?
I've seen those myself on a rare occasion. But only on machines using NETKEY.
Next time, before restarting, run 'ipsec barf', it might tell us something
about the internal state, and what is happening.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list