[Swan-dev] testing yesterday's tree
Andrew Cagney
andrew.cagney at gmail.com
Tue May 15 17:03:57 UTC 2018
On 15 May 2018 at 12:54, Antony Antony <antony at phenome.org> wrote:
> On Tue, May 15, 2018 at 10:11:10AM -0400, Andrew Cagney wrote:
>> On 15 May 2018 at 00:24, Paul Wouters <paul at nohats.ca> wrote:
>> >> packets lost
>> >> testing/pluto/ikev2-delete-05-sa-start failed west:output-different
>> >> testing/pluto/ikev1-algo-esp-sha2-01-netkey-klips failed
>> >> west:output-different
>> >> testing/pluto/ikev1-algo-esp-sha2-02-netkey-klips failed
>> >> west:output-different
>> >> testing/pluto/interop-ikev2-strongswan-39-mobike-responder failed
>> >> east:output-different road:output-different
>> >
>> >
>> > That's hard to always get right, unfortunately it differs per test
>> > machine.
>> >
>> >> SA established late?
>> >> testing/pluto/ikev2-delete-06-start-both failed west:output-different
>> >
>> >
>> > I only got a packet loss here :)
>>
>> We should be able to account for all packets sent and received - our
>> transport is reliable. Unfortunately:
>>
>> - the way ping is used (or some would argue, ping itself) isn't very
>
> Interesting find.
>
>> robust. As a simple example, the first ping below is
>> non-deterministic (it can send one or two ping packets):
>
> with IPsec involved?
It has nothing to do with IPSec.
>> ping -q -w 1 -n -c 1 "$@"
>
> ping -q -w 1 -n -c 1 192.1.2.45
>
> PING 192.1.2.45 (192.1.2.45) 56(84) bytes of data.
>
> --- 192.1.2.45 ping statistics ---
> 1 packets transmitted, 0 received, 100% packet loss, time 0ms
>
> when I try manually I don't see it sending two packets.
> would you share the output on simple host where it set 2 packets?
Give it time, it is after all non-deterministic :-)
All of these tests, at one point or another, exhibited the problem:
$ grep one-ping.sh testing/pluto/*/*.sh | cut -d/ -f3 | sort -u
certoe-09-packet-host
ikev2-62-host-ondemand
ikev2-62-host-ondemand-instance
ikev2-child-01-pfs-no-downgrade-no
ikev2-child-02-pfs-yes-downgrade-yes
ikev2-child-03-dh-none-pfs-no
ikev2-child-04-dh-none-pfs-yes
just check your archives.
Andrew
More information about the Swan-dev
mailing list