Hi, I have noticed that by default only 3 quick mode exchanges are tracked for ikev1 in version 5.3.5. I was curious as to why the default is 3?
We have a setup between an ikev1 implementation and strongswan's ikev1 (version 5.3.2) - lifetime of phase 1 SA are 2 minutes - lifetime of phase 2 SAs are 1 minute Initial SAs are initiated from strongswan and all works fine. I noted strongswan does one quick mode exchange at a time in establishing each child_SA. The refreshes are driven by the other side who initiates multiple quick mode exchanges concurrently. We then begin to see the following error in log, charon[6390]: 15[ENC] invalid HASH_V1 payload length, decryption failed? I saw the following sequence in strongswan's log, QM_1 for MID=2797947468 received QM_2 for MID=2797947468 sent QM_1 for MID=281474316 received QM_1 for MID=3298933230 received QM_1 for MID=1321662356 received QM_2 for MID=3298933230 sent By the time MID=2797947468 receives QM_3, his last IV has been removed from the IV list for the IKE_SA and is no longer being tracked. Thus it seems a new IV is generated and used to decrypt message 3 resulting in the above error. Hopefully I have read the code and concluded correctly. Is this expected behavior? I noted that version 5.3.5 contained some changes such that strongswan uses max_ikev1_exchanges to track amount of IVs and QM exchanges. So we tried version 5.3.5 with max_ikev1_exchanges=32. This time we did not see the above error message until much later in the log. In 5.3.5, if the QM count for the IKE_SA exceeds max_ikev1_exchanges, strongswan removes the least current QMexchange. Thus possible to lose an active QM exchange... which I am guessing happens since we are refreshing several SAs that have a lifetime=1minute, that we might possibly have 32 ongoing QM-exchanges for the IKE_SA... thus the above error much later in the log... Am I correct to conclude that at some point, depending on variables like lifetime, number of child_sa, etc... max_ikev1_exchanges can easily or eventually be reached in strongswan if the other side does not initiate QM exchanges one at a time? Thanks for any clarity, help or info. It is appreciated. regards, Joy _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
