[Swan] TX/RX Errors on IPsec VTI
Paul Wouters
paul at nohats.ca
Sun Jul 2 12:05:38 UTC 2017
On Tue, 27 Jun 2017, Craig Marker wrote:
> tunisp4: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1480
> inet x.x.x.x netmask 255.255.255.255 destination y.y.y.y
> tunnel txqueuelen 1 (IPIP Tunnel)
> RX packets 8732239 bytes 2617024564 (2.4 GiB)
> RX errors 397 dropped 397 overruns 0 frame 0
> TX packets 14074281 bytes 10912751224 (10.1 GiB)
> TX errors 1679 dropped 0 overruns 0 carrier 1679 collisions 0
>
> I’m seeing RX errors and dropped packets in addition to TX carrier errors on my IPsec VTI. I’ve played
> around with txqueuelen, which reduces the RX errors, but doesn’t eliminate them. Has anyone else seen
> these or have an idea of configuration to change? I’m running libreswan 3.19 on CentOS 7.3.
Did those happen during restart/rekey ?
What does this command say: grep -v -P "\t0$" /proc/net/xfrm_stat
Paul
More information about the Swan
mailing list