the charon log files for these four hosts are available for download here: http://origin.scdn.co/u/wp/alvina.ash.spotify.net-charon.log.gz http://origin.scdn.co/u/wp/annalise.ash.spotify.net-charon.log.gz http://origin.scdn.co/u/wp/annmarie.ash.spotify.net-charon.log.gz http://origin.scdn.co/u/wp/taylor.sto.spotify.net-charon.log.gz
On Mon, May 23, 2011 at 2:46 PM, Andreas Schuldei <[email protected]> wrote: > hi! > > I seem to be experiencing problems with charon in strongswan 4.4.1. > > One problem is that charon sometimes failes to reinitiate SAs once > they expire. I set up a testbed with 17 hosts to reproduce and track > down the issue, as it takes some time for it to manifest. > > since every host has several connections to the other peers in this > ipsec setup, it is tricky to see what log entry is caused by which > connection. how can single out the log entries from those > affected/failing connections? how can i get a verbose status dump from > charon showing what it thinks the status is of all the connections it > keeps track of? > i dont want to attache 16M of log files here. please advice what parts > are useful, and i would appreciate tips on how to extract those. > > the hosts that i currenly see problems with are up: > > root@taylor:~# fping annalise.ash.spotify.net annmarie.ash.spotify.net > alvina.ash.spotify.net > annalise.ash.spotify.net is alive > annmarie.ash.spotify.net is alive > alvina.ash.spotify.net is alive > > but ipsec statusall has no SA for them. (see ipsec-statusall.txt) > > please also find attached annalises and taylors ipsec.conf. the other > hosts' ipsec.conf is equivalent. there is always one initiator for > each connection. > _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
