[Openswan Users] Connect() hangs in xfrm kernel module when tunnel down
Gupta, Deepak (Deepak)
deepak.dg.gupta at alcatel-lucent.com
Thu Feb 10 08:57:03 EST 2011
Just FYI, this behavior can be changed by setting the following kernel param:
# echo "1" > /proc/sys/net/core/xfrm_larval_drop
This causes the connect() to return immediately on a non-blocking socket with an appropriate POSIX compliant errno. This param has been set to value 1 by default in RHEL 6.0, but not in RHEL 5.x.
-Deepak
-----Original Message-----
From: Gupta, Deepak (Deepak)
Sent: Monday, January 24, 2011 9:55 AM
To: users at openswan.org
Subject: Connect() hangs in xfrm kernel module when tunnel down
Hello,
I am seeing an issue on an RHEL 5.4 kernel that causes a connect() to a NON-BLOCKING socket on the other end of the tunnel to hang for more than 30+ secs in the xfrm module in the kernel. This happens when the tunnel goes down after being established. Eventuall the connect() returns with an ESRCH (however note that pluto was running the entire time).
I see some threads on this topic from a while back, but I did not see any resolutions. Is this a known issue in the kernel? I have seen this occur on previous versions of RHEL (5.3 and 5.2) as well.
Any ideas or thoughts?
Thanks in advance.
-Deepak
More information about the Users
mailing list