Hello

* Why doesn't each connection stop after the DPD retry limit is reached? (Transmission retries start over from 5 to 1.)
* Why doesn't each connection entry clear after the DPD retry limit is reached? (swanctl --list-sas shows all connections.)
* Why on reconnect does each connection create a new entry (and then leave zombie entries of the prior connection)?

Procedure

* Configuration: DPD delay = 2s, DPD action = clear
* Note: using VICI
* Using 4 radio interfaces
* Allow all radios to create VPN tunnels
* Bring down all radio interfaces
* Allow DPD to finish 5 retries
* We then notice all VPN connections would start over and retry
* Then after that bring up the radio interfaces
* All radios would reconnect; swanctl --list-sas shows the new connections and the old zombie connections

The above does not happen when we use 1 radio connection (DPD stops after 5 retries and the entry clears).

Let me know if more information is needed.

Thanks
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
