[Swan-dev] New problem in 3.9 with crypto overload
Tuomo Soini
tis at foobar.fi
Tue Jul 15 20:30:49 EEST 2014
I see in one system new problem which never happened in 3.8.
Jul 15 15:27:16 firewall2 pluto[15180]: "tunnel1" #10794: message in
state STATE_MAIN_R1 ignored due to cryptographic overload Jul 15
15:27:56 firewall2 pluto[15180]: "tunnel1" #10805: message in state
STATE_MAIN_R1 ignored due to cryptographic overload Jul 15 15:28:06
firewall2 pluto[15180]: "tunnel1" #10805: message in state
STATE_MAIN_R1 ignored due to cryptographic overload Jul 15 15:28:16
firewall2 pluto[15180]: "tunnel1" #10805: message in state
STATE_MAIN_R1 ignored due to cryptographic overload Jul 15 15:28:56
firewall2 pluto[15180]: "tunnel1" #10814: message in state
STATE_MAIN_R1 ignored due to cryptographic overload Jul 15 15:29:06
firewall2 pluto[15180]: "tunnel1" #10814: message in state
STATE_MAIN_R1 ignored due to cryptographic overload Jul 15 15:29:16
firewall2 pluto[15180]: "tunnel1" #10814: message in state
STATE_MAIN_R1 ignored due to cryptographic overload
This is short piece of log.
When we hit overload with at sate it never goes away - as if we never
clear the STF_TOOMUCHRYPTO.
This problem is not in 3.8 so it must be because of helper cleanup which
was done during 3.9 development.
I only see this in a big system with 16 visible cores (15 helpers) and
over 200 states.
Any ideas?
--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
More information about the Swan-dev
mailing list