I have 6 instances of libreswan running in Google Compute Engine with each terminating at varying firewall appliances (non-cloud). Yesterday 3 of the 6 instances were inaccessible at the same time. Each had "malformed payload in packet" messages (never before seen) in their ipsec.log file over the same period of time. The instances all came back eventually without intervention.
Later in the afternoon Google Cloud Platform posted about connection issues covering my outage. I will still look at upgrading but now don't think this particular issue was with libreswan. On Sun, Mar 8, 2015 at 9:46 AM, Paul Wouters <[email protected]> wrote: > On Sat, 7 Mar 2015, David M wrote: > > I am running the same libreswan/OS as the original poster and this morning >> had 3 libreswan instances (each to different Mcafee devices) become >> unresponsive. >> There is no prior mention of malformed packets in any of my ipsec.log >> files >> (goes back a few weeks) and hey have been reliable otherwise. >> >> Is there a changelog entry between 3.8.6 and 3.12 that addresses a >> malformed >> packet situation I can reference for moving to 7.1 just after it was >> released? >> > > I don't know why a working scenario suddenly stops working. Did a > restart fix anything? Or is it always failing now? Has there been > a networking change? A firewall change? (perhaps related to fragments?) > > The changelog between 3.8 and 3.12 is big, and worth upgrading > regardless. > > Paul >
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
