Hello, Experiencing an issue with version 5.8.0. We have two gateways in an HA arrangement. When the current master goes down, the backup takes over ok but when the old master comes backup (as the back up) and attempts to the re-sync the tunnel list from the new master (took over for the old master when the master was rebooted), I see the following msgs in the charon.log:
Nov 30 04:10:40.571 01[CFG] HA: accepted new connection request from fd00:2600:2600:115:1::1 # The rebooted old master is now coming back up Nov 30 04:10:40.571 01[CFG] HA: successfully accepted incoming connection # The rebooted old master starts its strongswan HA "sync" connection to us (the new master) Nov 30 04:10:41.569 05[CFG] resyncing HA segment 1 Nov 30 04:10:41.995 05[CFG] HA: failed to receive 4 bytes : Connection reset by peer Nov 30 04:10:41.995 05[CFG] HA: failed to read size (4 bytes) Nov 30 04:10:41.995 05[CFG] HA: pulling message failed Nov 30 04:10:41.995 05[DMN] thread 5 received 11 # charon crashes?? Nov 30 04:10:41.995 06[CFG] HA: failed to send 17284930 bytes: Bad file descriptor Nov 30 04:10:41.995 01[CFG] HA: accepted new connection request from fd00:2600:2600:115:1::1 Nov 30 04:10:41.995 01[CFG] HA: successfully accepted incoming connection Nov 30 04:10:42.615 00[LIB] openssl FIPS mode(1) - enabled # charon restarts ??? Nov 30 04:10:42.622 00[CFG] crl caching to /etc/ike/swanctl/x509crl enabled Nov 30 04:10:42.622 00[CFG] loaded 0 RADIUS server configurations 3 questions: 1. The crash appears to have been caused by the "pulling message failed condition? 2. I don't find a core anywhere, should charon have generated a core as result of the "thread 5 received 11" condition? 3. Are there significant HA fixes/enhancements in strongswan 5.9.x ? Maybe we should upgrade? thx Dave Finley df1...@att.com<mailto:df1...@att.com> (630) 719-4391 (desk) (630) 740-5198 (mobile)