[Swan] R: R: Packets dropped strangely
Paul Wouters
paul at nohats.ca
Sat Oct 13 23:49:17 UTC 2018
On Tue, 9 Oct 2018, libreswan91 at iotti.biz wrote:
> ]# cat /proc/net/xfrm_stat
> XfrmInError 0
> XfrmInBufferError 0
> XfrmInHdrError 0
> XfrmInNoStates 2
> XfrmInStateProtoError 0
> XfrmInStateModeError 0
> XfrmInStateSeqError 0
> XfrmInStateExpired 0
> XfrmInStateMismatch 0
> XfrmInStateInvalid 69
> XfrmInTmplMismatch 119
> XfrmInNoPols 13
> XfrmInPolBlock 0
> XfrmInPolError 0
> XfrmOutError 0
> XfrmOutBundleGenError 0
> XfrmOutBundleCheckError 0
> XfrmOutNoStates 275
anything non-null points to a problem. But these numbers are not reset
after you restart libreswan, only when you restart the kernel. A few
of those can happen at times during race conditions, but if you do a
ping to something that fails these numbers should not increase per ping.
Of that happens, there is a real problem since libreswan thinks there is
a policy or state and gave it to the kernel but the kernel disagrees.
Paul
More information about the Swan
mailing list