[Swan] repetitive reestablishment of ipsec
Paul Wouters
pwouters at redhat.com
Wed Jan 2 17:43:07 EET 2013
On Wed, 2 Jan 2013, Oguz Yilmaz wrote:
> Debug with only control is below. I have suspected DPD and close it.
> However, I see this issue is not about DPD.
>
> My problems were:
>
> 1- Why it takes about 2 minutes after restart of ipsec to establish connection?
> 2- Why it reestablish connection after about 3 minutes repetitively?
> Jan 2 14:36:10 2013 pluto[8551]: \"merkezvpn/0x1\" #2: route-client
> output: /usr/libexec/ipsec/_updown.netkey: doroute `ip route replace
> 10.6.0.0/16 via 10.46.1.5 dev lo src 10.46.1.5\' failed (RTNETLINK
> answers: No such process)
This seems suspicious. Why is it trying to replace a route via dev lo?
I'm unsure why we see the "\" there.
Looks like related to the sourceip= issue you reported. I'll investigate.
Paul
More information about the Swan
mailing list