[Openswan Users] Keeping tunnels up
Paul Wouters
paul at xelerance.com
Fri Feb 23 16:44:37 EST 2007
On Thu, 22 Feb 2007, Benny Amorsen wrote:
> Is there a good way to ensure that certain tunnels are always up, so
> that they get restarted if they drop for some reason?
auto=start with dpdaction=restart
> We use multiple tunnels to get multiple subnets through, and that
> works nicely. However, if just one of those tunnels drops, it is not
> necessarily restarted automatically. DPD is on but doesn't help if
> only one tunnel is down -- the peer is fine.
define "down" in this case? Did the remote end send a Delete/Notify?
With auto=start, it should restart when it is in a down state.
Note that there are some fixes post openswan-2.4.7 that address
some DPD issues:
#git c75967b03b2c478a612aef4ccb7e5dff6e4bdaf5: dpdaction=restart fix [mcr]
Try 2.4.8rc1 ?
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list