[Openswan Users] Connection over IPSec times out after exactly 15 minutes
subscription at kkeane.com
Tue Oct 4 15:28:31 EDT 2011
I'm trying to troubleshoot a problem with another application that
appears to be related to IPSec. I was hoping to pick the collective
brains to solve this.
The application in question is bacula, a client-server backup
application. I have a few servers in a data center in Illinois, and a
few servers in the home office in California. The bacula director and
storage (bacula's server side) is in California; the file daemon (client
side) is in Illinois. Tha data being backed up thus is supposed to
travel through the IPSec tunnel.
I used to use an SSH tunnel to connect Illinois and California - and in
fact, two of the servers still use that mechanism without a problem.
Recently, I started using an IPSec tunnel (openswan to a Sonicwall
device) instead - for now only on one of the servers. Ever since,
backups of this one server started failing after exactly 15 minutes. The
error message is, on both sides, Connection reset by peer.
I already asked on the bacula mailing list; somebody there pointed me to
tcpmss clamping. As I was reading up on it, it didn't sound like it was
my problem (it doesn't seem to explain why data flows fine for 15
minutes, and then suddenly stops), but I have to admit that I don't
fully understand it.
More information about the Users