Bug #11951
closed
IPsec status fails when many tunnels are connected
100%
Description
How to reproduce:
1. Set wan address 172.16.1.2/24.
2. Create IPSEC IKEv1 P1 with remote 172.16.1.3 and 11 P2 tunnels (or load attached config).
3. Go to Status\IPsec and click "connect"
You will see "Collecting IPsec status information.". After that all web interface will be responding "504 Gateway Time-out".
Tested versions:
2.5.1
2.6.0-DEV
Files
Updated by Jim Pingle over 3 years ago
- Subject changed from IPSEC stuck on large configuration (more than 10 P2 tunnels) to IPsec status fails on large configurations
- Status changed from New to In Progress
- Assignee set to Jim Pingle
- Target version set to 2.6.0
- Plus Target Version set to 21.09
I'm working on optimizations for this as a part of ongoing IPsec work, should be solved soon.
Updated by Jim Pingle over 3 years ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset bec6dcfbbef4832b34d47ca60b0671b23dc185d8.
Updated by Jim Pingle about 3 years ago
- Subject changed from IPsec status fails on large configurations to IPsec status fails when many tunnels are connected
Updating subject for release notes.
Updated by Jim Pingle about 3 years ago
- Plus Target Version changed from 21.09 to 22.01
Updated by Jim Pingle almost 3 years ago
- Status changed from Feedback to Closed
No sign of slowness or failures with many tunnels on the IPsec status page since the fix went in. I've tested with ~20 tunnels connected and it still loads in a reasonable amount of time (~15 seconds at most).