Todo #4353
closed
Review IPsec reloading when strongswan.conf is changed
60%
Description
If things on strongswan.conf are changed ipsec service needs to be restarted since reloading does not work for them
Updated by Ermal Luçi about 9 years ago
- % Done changed from 0 to 100
Applied in changeset 420fce0458f4f1b49faa167a1b6ccc7800d2b8a3.
Updated by Ermal Luçi about 9 years ago
Applied in changeset 41da54ce14d2d43a5ce9738bd80b73355fa26180.
Updated by Chris Buechler about 9 years ago
- Status changed from Feedback to Confirmed
- Assignee set to Ermal Luçi
- Priority changed from Normal to High
- % Done changed from 100 to 60
this is excessive in at least some circumstances. The restart flushes the SAD so it will cause at least a brief outage, and hence needs to be minimized. Some, if not most, of these changes should be applied just sending a SIGHUP to charon. Discussed here:
https://wiki.strongswan.org/issues/435
Updated by Ermal Luçi about 9 years ago
Yeah i have done this for mobile settings and some reports from the forum where the settings were not updated.
I will double check which plugins do not support reload and update the ticket.
Updated by Sam Bernard about 9 years ago
I reported a bug 4425 which I'm thinking might be related to this. Let me know if you need any logs from me.
Sam
Updated by Chris Buechler about 9 years ago
- Assignee changed from Ermal Luçi to Chris Buechler
working on this
Updated by Chris Buechler about 9 years ago
- Subject changed from IPSec reloading does not work when strongswan.conf is changed to Review IPsec reloading when strongswan.conf is changed
- Priority changed from High to Normal
- Target version changed from 2.2.1 to 2.2.2
it at least only restarts when something is actually changed, and the HUP doesn't seem to apply things it should with strongswan in some cases. Leaving this as is for now, needs review for future releases.
Updated by Chris Buechler about 9 years ago
- Target version changed from 2.2.2 to 2.2.3
Updated by Ermal Luçi almost 9 years ago
- Status changed from Confirmed to Feedback
This have been fixed with the code change to use the starter pid for events rather than charon one.
Updated by Chris Buechler almost 9 years ago
- Tracker changed from Bug to Todo
- Status changed from Feedback to New
- Target version changed from 2.2.3 to 2.3
Updated by Chris Buechler over 8 years ago
- Status changed from New to Resolved
we've done a lot of work here in later 2.2.x versions. I'm not aware of anything that's handled incorrectly here anymore.