[Swan] Libreswan 3.15- Any Limit on number of Tunnel Connections

[Balaji Meenakshisundaram -X (bameenak - HCL TECHNOLOGIES LIMITED at Cisco)]

Hi-

I am using Libreswan 3.15 in CentOS 6.8 running on VM.  Same version of Libreswan is used in the peer.

Please clarify the following queries-

1)   Observing that when the disk space nears 90% or more, any of the ipsec commands seems to hang and does not get completed. I observed that pluto log file (/var/lib/pluto.log) occupied several Gigs. Any attempt to zero size this log file or reduce its size by removing few thousands lines of accumulated past logs does not resolve the issue.  This issue got resolved after rebooting the VM.

Could someone clarity if there is an alternate way to resolve this issue ?



2)   In the current scenario, a single tunnel is setup between the two peers with multiple ipsec configuration files created to connect to many simulated (virtual) devices across this Tunnel. Somehow - It appears that many connections is not getting established across this tunnel at a given time. Only limited numbers of connections succeed and the message "Cannot communicate through IPSec Tunnel" is observed at the peer end for the remaining devices.

Is there any limitation in the number of connections that can pass across this tunnel?



3)   Could someone please share the ipsec configuration file when multihomed IPs are involved for connecting to many simulated (virtual) devices?

Please clarify.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20170723/0354ad81/attachment.html>