Project

General

Profile

Actions

Todo #4353

closed

Review IPsec reloading when strongswan.conf is changed

Added by Ermal Luçi almost 10 years ago. Updated about 9 years ago.

Status:
Resolved
Priority:
Normal
Category:
IPsec
Target version:
Start date:
01/30/2015
Due date:
% Done:

60%

Estimated time:
Plus Target Version:
Release Notes:

Description

If things on strongswan.conf are changed ipsec service needs to be restarted since reloading does not work for them

Actions #1

Updated by Ermal Luçi almost 10 years ago

  • Status changed from New to Feedback
Actions #2

Updated by Ermal Luçi almost 10 years ago

  • % Done changed from 0 to 100
Actions #3

Updated by Ermal Luçi almost 10 years ago

Actions #4

Updated by Chris Buechler almost 10 years ago

  • Status changed from Feedback to Confirmed
  • Assignee set to Ermal Luçi
  • Priority changed from Normal to High
  • % Done changed from 100 to 60

this is excessive in at least some circumstances. The restart flushes the SAD so it will cause at least a brief outage, and hence needs to be minimized. Some, if not most, of these changes should be applied just sending a SIGHUP to charon. Discussed here:
https://wiki.strongswan.org/issues/435

Actions #5

Updated by Ermal Luçi almost 10 years ago

Yeah i have done this for mobile settings and some reports from the forum where the settings were not updated.

I will double check which plugins do not support reload and update the ticket.

Actions #6

Updated by Sam Bernard almost 10 years ago

I reported a bug 4425 which I'm thinking might be related to this. Let me know if you need any logs from me.

Sam

Actions #7

Updated by Chris Buechler almost 10 years ago

  • Assignee changed from Ermal Luçi to Chris Buechler

working on this

Actions #8

Updated by Chris Buechler almost 10 years ago

  • Subject changed from IPSec reloading does not work when strongswan.conf is changed to Review IPsec reloading when strongswan.conf is changed
  • Priority changed from High to Normal
  • Target version changed from 2.2.1 to 2.2.2

it at least only restarts when something is actually changed, and the HUP doesn't seem to apply things it should with strongswan in some cases. Leaving this as is for now, needs review for future releases.

Actions #9

Updated by Chris Buechler over 9 years ago

  • Target version changed from 2.2.2 to 2.2.3
Actions #10

Updated by Ermal Luçi over 9 years ago

  • Status changed from Confirmed to Feedback

This have been fixed with the code change to use the starter pid for events rather than charon one.

Actions #11

Updated by Chris Buechler over 9 years ago

  • Tracker changed from Bug to Todo
  • Status changed from Feedback to New
  • Target version changed from 2.2.3 to 2.3
Actions #12

Updated by Chris Buechler about 9 years ago

  • Status changed from New to Resolved

we've done a lot of work here in later 2.2.x versions. I'm not aware of anything that's handled incorrectly here anymore.

Actions

Also available in: Atom PDF