All,

Hoping for some clarity to a behavior I've become aware of with strongSwan.

I have 5 hosts that connect to each other. The config stanzas on all the hosts are practically identical (except for ids and IP addresses) to each other and appear as follows:

    conn dev4-dev3
        type=transport
        authby=secret
        left=2.1.1.174
        leftid=dev4
        leftfirewall=no
        leftupdown=/etc/ipsec.updown
        right=2.1.1.173
        rightid=dev3
        rightfirewall=no
        rightupdown=/etc/ipsec.updown
        auto=start
        compress = yes

    conn dev4-dev5
        type=transport
        authby=secret
        left=2.1.1.174
        leftid=dev4
        leftfirewall=yes
        leftupdown=/etc/ipsec.updown
        right=2.1.1.175
        rightid=dev5
        rightfirewall=yes
        rightupdown=/etc/ipsec.updown
        auto=start
        compress = yes

    <snip>

In total, dev4 _should have_ 4 connections: dev1, dev2, dev3 and dev5. I've noticed, however, that after restarting the daemon there are occasions where five or even six connections are being made. See below:

http://pastebin.com/KPHeUR7J

Note how dev4 (the host where this output is from) has _multiple_ connections to 2.1.1.171 and 2.1.1.172.

How is this possible given the configuration above? Will one of these eventually time out? I suppose there are no real security issues with this, but I am rather curious to determine why this is happening.

Any thoughts / ideas would be greatly appreciated.