On Thu, Jan 29, 2026 at 9:10 AM Ilya Maximets <[email protected]> wrote:
> 'keyingtries' config is not supposed to work for ikev2. But it does > in Libreswan 4 and older. Libreswan 5, however, reworked connection > revival code, and so it is now the only thing that keeps on trying the > connection marked as 'UP', not the 'keyingtries'. v5.3+ complains > about usage of the obsolete config option on stderr: > > 2026-01-12T12:26:09Z | 294 | ovs-monitor-ipsec | WARN | stderr: > b'ipsec addconn: /etc/ipsec.conf:7: > warning: obsolete keyword ignored: keyingtries=%forever\n' > > Avoid setting this option for Libreswan 5+ to silence the warnings > in the log. > > For v4 and older 'keyingtries' still provides the re-try behavior, so > keeping it, as it may be dangerous to just rely on revival on these > older versions. > > Signed-off-by: Ilya Maximets <[email protected]> > --- > > Acked-by: Mike Pattrick <[email protected]> _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
