On Wed, Aug 10, 2022 at 1:37 PM Bernd Schubert <bernd.schub...@fastmail.fm> wrote: > At least for me the interesting part is that openconnect is not sending > these ESP probes anymore then - I wonder if it is hanging. Going to get > pstack output tomorrow. > > So I enabled time stamps now (thanks for the parameter) > > 1) > ... > [2022-08-10 21:22:11] ESP session established with server > [2022-08-10 21:22:33] Send ESP probes for DPD > [2022-08-10 21:23:03] Send ESP probes for DPD > .... > [2022-08-10 21:42:35] Send ESP probes for DPD > [2022-08-10 21:42:42] ESP detected dead peer <-------- Hmmm > [2022-08-10 21:42:42] UDP SO_SNDBUF: 28000 > [2022-08-10 21:43:42] Send ESP probes > [2022-08-10 21:44:42] Send ESP probes > ... > [2022-08-10 21:53:13] Send ESP probes > [2022-08-10 21:53:53] Read error on SSL session: Error in the pull function. > ... > > ===> >30 min > > > 2) > .... > [2022-08-10 21:57:46] ESP session established with server > [2022-08-10 21:58:01] Send ESP probes for DPD > [2022-08-10 21:58:16] Send ESP probes for DPD > ... > [2022-08-10 22:02:32] Send ESP probes for DPD > [2022-08-10 22:02:35] Read error on SSL session: Error in the pull function. > > ===> <5min > > With 2 runs (it gets late here) once around 30 min and another time > around 5 minutes.
Thanks for checking this. Yeah, doesn't look like a perfectly consistent timing here. We will need to do some experimenting against our Pulse test server to try to figure out how to send keepalives to the TLS channel. Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
