Hi, all Strongswan 4.6.2, using charon only.
I've seen the issue couple of times (happens quite intermittently). We have rather large config -- in excess of 15000 connections. Sometimes strongswan does not load all connections. If i try ipsec up <conxxxxx>, i get "no config named conxxxxx" message. look at output of "ipsec statusall" and I can see that only connection up to certain number are on, rest are not loaded. Number of laded connections is different every time. Today I saw 14955 connections up and connection 14996 and higher were not loaded. Nothing abnormal in the logs ipsec reload did not help ipsec restart did not help ipsec stop appeared to exit correctly, however charon was still running as confirmed by 'ps'. Killing charon process and then starting ipsec again correctly loaded all connections and all is good for now. Just wondering if anyone saw those symptoms? Thanks, Rudolf _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
