[Swan] Frequent dropped connections follow-up

Fri Oct 4 18:40:13 UTC 2019

Hi, back in May I reported an issue involving two cable modems and
dropping the connections for no apparent reason. I believe Paul said
it was a deadlock issue that would be fixed in 3.28, but it continues
today with 3.29 on fedora30.

The issue is that two systems, both of which are connected to the
Internet via cable modems, frequently lose their connection and
usually require restarting one or both connections in order to
reconnect, although sometimes "ipsec auto --up <connection_name>"
works.

My previous report is here:
https://lists.libreswan.org/pipermail/swan/2019/003189.html

I'm really not sure what further information I should provide to help
troubleshoot this. This is the config from the "remote" system with a
dynamic IP provided by Optimum.

conn orion-wyckoff
        ikev2=insist
        authby=rsasig
        auto=start
        interfaces=%defaultroute
        dpddelay=10
        dpdtimeout=90
        dpdaction=clear
        rightsubnets={192.168.11.0/24,192.168.10.0/24}
        rightid=@wyckoff-orion
        right=wyckoff.example.com
        rightrsasigkey=0sAwEAAd4...
        leftid=@orion-wyckoff
        left=orion.example.com
        leftsubnets={192.168.1.0/24,192.168.6.0/24}
        leftrsasigkey=0sAwEAAeSMFxvoJ...

Here is the config for the "local" system with a static IP provided by
Optimum. This system also has several other VPNs also using
libreswan-3.29 that don't generally have the same problem.

conn orion-wyckoff
        ikev2=insist
        authby=rsasig
        auto=add
        dpddelay=10
        dpdtimeout=90
        dpdaction=clear
        rightid=@wyckoff-orion
        rightsubnets={192.168.11.0/24,192.168.10.0/24}
        right=wyckoff.example.com
        rightrsasigkey=0sAwEAAd4EeK...
        leftid=@orion-wyckoff
        left=orion.example.com
        leftsubnets={192.168.1.0/24,192.168.6.0/24}
        leftrsasigkey=0sAwEAAeSMFxvoJaP5...