[Swan] Tunnel behind NAT: large packets freeze it
Davide Pucci
d.pucci at i-node.it
Wed Dec 20 10:03:31 UTC 2017
Hi all.
I need your help as I'm facing several issues without some Swan IPsec tunnels: they all are built between a NAT-ed host (running openswan) and a publicly exposed one (running libreswan).
I can always reproduce the issue by executing " for i in {0..30}; do ps ax; done" or "dd if=/dev/urandom bs=10M": it seems that if I run commands with large outputs tunnel goes down.
The first - behind NAT - host has the configuration file attached as h1-to-h2.conf; similarly, the latter, the one named h2-to-h1.conf.
Thank you for any help.
Regards,
Davide Pucci.
**********
Davide Pucci
Systems and Software Engineer
Mob: +39 348 923 7278
Tel: +39 06 5960 2069
Fax: +39 06 5960 6185
Email: d.pucci at i-node.it
I-node s.r.l.
We build you® .biz
Via di San Giovanni in Laterano, 84 - 00184 Roma (RM)
Twitter: http://www.twitter.com/i_node
Sito Web: http://www.i-node.it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20171220/1cdb6e4e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: h1-to-h2.conf
Type: application/octet-stream
Size: 312 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20171220/1cdb6e4e/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: h2-to-h1.conf
Type: application/octet-stream
Size: 570 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20171220/1cdb6e4e/attachment-0001.obj>
More information about the Swan
mailing list