Hello,
we have big problems with VPNaaS in multiregion Production environment on
Openstack Juno with unstable connection between vrouters or vrouter to external
pfSense for example.
On network nodes we have different kernel parameters. Anyone knows which should
be exactly kernel parameters to configure in kernel if there are? Is there any
issue with some kernel versions?
We use openswan 2.6.38 on kernel 3.13.0-65 and 3.13.0-74.
The errors we noticed are that the VPN connection is UP but packets doesn’t
pass through encrypted tunnel because there are mismatch with xfrm state. Seems
that sometimes when SA is re-established openswan can’t ri-negotiate it and
show error below:
ignoring Delete SA payload: PROTO_IPSEC_ESP SA(<xfrm state id>) not found
(maybe expired)
Anyone could help?
Thank you very much.
Regards,
Davide
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
