On Wed, 24 May 2023, Ian Willis wrote:
> I'm seeing a huge number of these events in the journalctl log, about 20000 per
> second on Rocky Linux 8,
> libreswan-4.5-1.el8_7.1.x86_64
>
> This is the only host which uses TCP rather than UDP. When using UDP on
> occasions the host (right side) won't connect as it appears
> to be identified as another host. (Another issue for later)
>
> "connection from X.X.X.X:28007: IKETCP ENABLED: socket 14: 0 byte packet indicates EOF"

Can you check (preferably on a host in front of this machine, using
tcpdump) whether the libreswan machine is receiving (small) TCP packets
or whether it is not receiving anything and generating these?
It could be the peer sending TCP packets without real data. Or it could
be a kernel bug generating userland communication.
Alternatively, try a RHEL9 based kernel that I think might have better
ESPinTCP support.
Paul
_______________________________________________
Swan mailing list
https://lists.libreswan.org/mailman/listinfo/swan