[Openswan Users] Connect() hangs in xfrm kernel module when tunnel down
Paul Wouters
paul at xelerance.com
Thu Feb 10 10:09:04 EST 2011
On Thu, 10 Feb 2011, Gupta, Deepak (Deepak) wrote:
> Just FYI, this behavior can be changed by setting the following kernel param:
>
> # echo "1" > /proc/sys/net/core/xfrm_larval_drop
>
> This causes the connect() to return immediately on a non-blocking socket with an appropriate POSIX compliant errno. This param has been set to value 1 by default in RHEL 6.0, but not in RHEL 5.x.
Thanks for this. I'll add a check in "ipsec verify" for this!
Paul
More information about the Users
mailing list