[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openswan-users
Subject:    Re: [Openswan Users] fos_start and pluto crazy
From:       Paul Wouters <paul () xelerance ! com>
Date:       2006-11-27 16:00:06
Message-ID: Pine.LNX.4.64.0611271659100.27487 () tla ! xelerance ! com
[Download RAW message or body]

On Mon, 27 Nov 2006, Marco Berizzi wrote:

> Hi everybody.
> I'm running Openswan 2.4.7 on linux 2.6.18.3 (netkey).
> Yesterday evening I have shutdown one of our gateway
> (venezia), and restarted this morning.
> All went fine, but one of our gateways was quite slow
> because it was writing ton of:
>
> pluto[709]: "venezia" #2844: initiating Quick Mode
> RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS+UP {using isakmp#2829}
>
> to /var/log/secure
> It has also wrote ton of:
>
> pluto[709]: initiate on demand from 172.18.1.13:0 to
> 172.16.1.21:0 proto=0 state: fos_start because: acquire
>
> while the 'venezia' gateway was shutdown.
> Is there a way to control this behaviour?

I've seen those myself on a rare occasion. But only on machines using NETKEY.

Next time, before restarting, run 'ipsec barf', it might tell us something
about the internal state, and what is happening.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

[prev in list] [next in list] [prev in thread] [next in thread]