Hi, What's best practice for restarting a connection when the internal dead peer detection isn't enough? In past years with Openswan I've run a script pinging an address in each remote subnet, restarting ipsec if there are persistent failures to respond on any of them. Libreswan tunnels get into a bad state less often (Cisco ASAs on the other end); but nonetheless, despite dpd being enabled, can get into a state where traffic is failing, and an instant restart of ipsec has risk involved. Yesterday with one tunnel failing seemingly entirely, restarting ipsec resulted in several subnets on a second tunnel becoming unusable, and this through several restarts (although not the same subnets each time), until I waited a full minute for the restart.
So to not have to be woken in the middle of the night if this gets into a similar state again, I need to get that test script up again, and presumably introduce a delay in it so it shuts down ipsec, waits something like a minute, and then starts it again. Or I need to find a better strategy. What's clear is that dpd needs an external backup to get to automated reliability. This sort of bad state is thankfully infrequent; but I have to prepare for it. All advice will be welcome.

Thanks,
Whit

_______________________________________________
Swan mailing list
Swan@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan
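An added example (not from the original post and not libreswan's own tooling) of the external watchdog the post describes: a POSIX shell script that pings one address in each remote subnet, counts consecutive probe rounds in which any address is unreachable, and once a threshold is reached runs `ipsec stop`, waits, and then runs `ipsec start`, followed by a cooldown in which it does not probe at all. The target addresses, threshold, interval, delay and cooldown values are assumptions to be set per site; the `PING_BIN`/`IPSEC_BIN`/`SLEEP_BIN` variables exist so the decision logic can be exercised with stubs instead of a live tunnel. It assumes Linux iputils `ping` (`-c`, `-W` in seconds) and the libreswan `ipsec start` / `ipsec stop` commands.

```shell
#!/bin/sh
# ipsec-watchdog.sh: hypothetical example, not part of libreswan.
# Probes one host per remote subnet; after FAIL_THRESHOLD consecutive rounds
# with at least one unreachable host, stops ipsec, waits RESTART_DELAY
# seconds, starts it again, then leaves the tunnels alone for COOLDOWN seconds.

# --- site settings (all assumed values; adjust for your tunnels) ---
TARGETS="${TARGETS:-10.10.1.1 10.20.1.1 192.168.50.1}"   # one host per remote subnet
FAIL_THRESHOLD="${FAIL_THRESHOLD:-3}"   # failed rounds before a restart
INTERVAL="${INTERVAL:-60}"              # seconds between probe rounds
RESTART_DELAY="${RESTART_DELAY:-60}"    # seconds between 'ipsec stop' and 'ipsec start'
COOLDOWN="${COOLDOWN:-180}"             # seconds of no probing after a restart

# Commands, overridable so the logic can be tested without root or a tunnel.
PING_BIN="${PING_BIN:-ping}"
IPSEC_BIN="${IPSEC_BIN:-ipsec}"
SLEEP_BIN="${SLEEP_BIN:-sleep}"

FAILS=0   # consecutive rounds in which some target did not answer

log() { echo "$(date '+%FT%T') ipsec-watchdog: $*" >&2; }

# probe_target HOST: 0 if HOST answered at least one of 3 pings, 1 otherwise.
probe_target() {
    "$PING_BIN" -c 3 -W 2 "$1" >/dev/null 2>&1
}

# failed_targets: print the space-separated list of targets that did not answer.
failed_targets() {
    failed=""
    for t in $TARGETS; do
        probe_target "$t" || failed="$failed $t"
    done
    printf '%s\n' "${failed# }"
}

# restart_ipsec: full stop, deliberate pause, start, then cooldown, so that
# the peers see a clean teardown instead of an immediate re-negotiation.
restart_ipsec() {
    log "stopping ipsec; waiting ${RESTART_DELAY}s before starting it again"
    "$IPSEC_BIN" stop || log "ipsec stop returned $?"
    "$SLEEP_BIN" "$RESTART_DELAY"
    "$IPSEC_BIN" start || log "ipsec start returned $?"
    log "ipsec restarted; not probing for ${COOLDOWN}s"
    "$SLEEP_BIN" "$COOLDOWN"
}

# check_once: one probe round. Updates FAILS; restarts ipsec at the threshold.
check_once() {
    bad="$(failed_targets)"
    if [ -z "$bad" ]; then
        FAILS=0
        return 0
    fi
    FAILS=$((FAILS + 1))
    log "unreachable: $bad (failed round $FAILS of $FAIL_THRESHOLD)"
    if [ "$FAILS" -ge "$FAIL_THRESHOLD" ]; then
        restart_ipsec
        FAILS=0
    fi
    return 0
}

main() {
    log "started: targets=[$TARGETS] threshold=$FAIL_THRESHOLD interval=${INTERVAL}s"
    while :; do
        check_once
        "$SLEEP_BIN" "$INTERVAL"
    done
}

case "${1:-}" in
    run)  main ;;
    once) check_once; echo "consecutive failed rounds: $FAILS" ;;
esac
```

Run it as `sh ipsec-watchdog.sh run` under systemd or from an `@reboot` cron entry; `sh ipsecwatchdog.sh once` does a single probe round for a manual check. The threshold keeps one lost burst of pings from tearing down every tunnel, and the cooldown after a restart is what prevents the back-to-back restarts the post describes: the script does not judge the tunnels again until they have had time to renegotiate. Note that a full `ipsec stop`/`ipsec start` affects every tunnel on the host, not only the one whose probe failed, so the threshold and cooldown should err on the side of patience.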