Hi, I am doing the IPSec test case below.

Let's say an IPSec tunnel is established between two ends [A ------------ B]. For some reason, the B side tunnel went down and couldn't notify A. Let's say r1~v1 is the conn name. Now on A, I am doing "ipsec down r1~v1", which sends "ipsec stroke terminate", trying to clear the tunnels, and sends the DELETE notification to the other end. As the other end is down, A will not receive the DELETE reply, and A enters retransmit mode. All the subsequent stroke messages are queued because of the retransmission mode.

While this is going on, I removed "r1~v1" from ipsec.conf and sent SIGHUP, then added the connection "r1~v1" back in ipsec.conf and sent SIGHUP. I am seeing that all the stroke messages related to this conn [r1~v1] are in the queue, and after 5 retransmits all the pending stroke messages are executed.

Is queuing the stroke messages when the conn is in retransmission mode expected behaviour? Is there any way to prevent the retransmissions for specific Informational packets?

-Bhargav
