On Sat, Jan 14, 2006 at 09:20:34AM -0400, James Mackinnon wrote:
> Hello everyone
>
> I have a 2 central locations which have multiple interfaces (4) and have
> tunnels for each of these interfaces to 34 other locations.. this comes out to
> approx 198 tunnels on each of these 2 systems.
>
> My other locations only have 1 interface, they all tunnel to each other and to
> these 2 locations (all 4 segments)
>
> My smaller locations do not have an issue, but these 2 with approx 198 tunnels
> just stop working. Running openBSD 3.8 on these 2 firewalls.
>
> I have checked the logs and there is nothing, Isakmpd just stops running. The
> pid file is still in /var/run and when I try to hup it, it tells me that the
> pid does not exist, thus, Its going and its going fast.
>
> Can anyone offer a suggestion on this. We didn't have this issue with this
> exact same config until we added all these tunnels. prior there was approx 100
> in each.
>
> Systems are both approx 2.4ghz and 512mb of memory. 1 is an intel, 1 is an
> amd.
> Both have 5 intel pro adapters
Is that enough memory? I have no clue about how much isakmpd needs, but
it might be a little much with that much tunnels.
Try to start the tunnels and post top output, or somesuch.
How much swap do you have configured?
Joachim
