[Swan-dev] sanitize retransmission; will wait line

Antony Antony antony at phenome.org
Mon Feb 24 13:27:24 UTC 2020

I have an idea to sanitize the transient lines such as
"retransmission; will wait" during testrun. 

Some test where we need to the retransmission add a special marker e.g 
"ipsec auto --up <conn> #retransmits" I suggest "#retransmits" as a 
convention. and open to short catchy word. It can also be just #

"ipsec auto --up <conn>" #retransmits 

I added #retransmits to 14 to 10 tests.

A related side topic:
while working on the sanitizer I realized we can also sanitize 
retransmission; lines unconditionally. At the end of retransmission there is 
another log line. It seems to work for ikev2 tests for sure.  
xauth/aggressive mode may need adding an extra log line similar to 
ikev2/ikev1 main mode.  

e.g ikev2-dcookie-02 would look like:
 ipsec auto --up westnet-eastnet-ikev2 #retransmits
1v2 "westnet-eastnet-ikev2" #1: initiating IKEv2 IKE SA
1v2 "westnet-eastnet-ikev2" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
031 "westnet-eastnet-ikev2" #1: STATE_PARENT_I1: 5 second timeout exceeded after 3 retransmits.  No response (or no acceptable response) to our first IKEv2 message

NOTE: sanitizer removed "retransmission; will wait " lines. Note the last log 
line that clearly shows timeout occurred. This is probably a cleaner choice 
than #retransmits marker.
However, I am not 100% sure there is such a log line(s) for xauth/aggressive 
moe in all cases. Something to figure out.

So this may break some corner cases of xauth or IKEv1 aggressive tests..
I think it can be fixed by adding an extra log line like in ikev2 retransmit 
function.  If you know these cases please share it or fix it.

read testing/sanitizers/ipsec-auto-up.n.sed  for details.


More information about the Swan-dev mailing list