[Swan] Tunnel drops intermittently during phase 2 rekeying
Paul Wouters
paul at nohats.ca
Fri Dec 14 16:20:11 UTC 2018
On Thu, 13 Dec 2018, Chan Jeon wrote:
> I am running libreswan 3.27 and setting up IPSec tunnels between many hosts using config like:
> Initially, all connections come up and traffics go through with no problem. But when phase 2 rekey occurs, I
> see some tunnels dropping with errors. In pluto logs, I am seeing CHILD_SA_NOT_FOUND and INVALID_IKE_SPI and
> it eventually stops attempting the rekey.
We are aware of the problem, and the git master version might have
already fixed it. We are still working on some rekey code before we
are doing a release with all fixes in place.
Paul
More information about the Swan
mailing list