Hi Markus, > a) where is the logic where it monitors for new routes/interfaces?
charon registers to the kernel via Netlink to receive events. This is implemented in [1] and uses a dedicated thread to wait for such events. If this thread thinks the network setup has changed, it fires a so called roam_job, which is executed [2] by a thread of the thread pool. This thread checks all IKE_SAs if they need an update. > b) how is this communicated to the "sending" code, are they different > threads Packet sending/receiving is done in a dedicated thread, as are other tasks such as receiving kernel events or reading from the IPC interface used by "ipsec up" and the like. Processing larger tasks (packet processing, event processing) is handled by threads from a pool. > c) where/how is the new route detected? The roam job checks out each IKE_SA and invokes the roam() method [3]. There the kernel is queried for a new route, and if an update via MOBIKE is required, queues the mobike task and executes it [4] as soon as the IKE state machine is ready. > i) charon will hang on a "getting address to interface" I can't find this log message in our code. Where does it hang exactly? Any chance to attach gdb and do a "thread apply all bt"? What is your kernel version? > ii) charon appears to log errors as it trys to send out packets to the > downed interface Charon currently probes the existing path under certain circumstances, even if it is down. But this should actually not harm. > iii) ipsec status sometimes will just hang during a transition period, > and the only solution is to either wait till it finally returns, or > kill it. If a thread hangs in i), it blocks an IKE_SA and the status thread is not allowed to read its data and waits for the release of the IKE_SA. Best regards Martin [1]http://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/charon/plugins/kernel_netlink/kernel_netlink_net.c#L479 [2]http://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/charon/processing/jobs/roam_job.c#L52 [3]http://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/charon/sa/ike_sa.c#L1795 [4]http://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/charon/sa/tasks/ike_mobike.c#L353 _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
